Microsoft releases new security guide for Office 2007

In an effort to help Microsoft Office users remain productive and keep data secure, Microsoft has released a new document, 2007 Microsoft Office Security Guide, designed to help defeat attacks that target e-mail and desktop documents. The guide offers detailed documentation for securing Office 2007 applications to protect against specially written document files with malicious code hidden within them.

It is an unfortunate fact that e-mail attachments, macros, and add-ins can contain viruses or other malware. The 2007 Microsoft Office Security Guide provides IT professionals with best practices and automated tools to help strengthen the security of computers that run either Windows Vista or Windows XP SP2 as well as the following applications:

  • Microsoft Office Access 2007

  • Microsoft Office Excel 2007

  • Microsoft Office InfoPath 2007

  • Microsoft Office Outlook 2007

  • Microsoft Office PowerPoint 2007

  • Microsoft Office Word 2007

    The 2007 Microsoft Office Security Guide consists of the following components:

  • Executive Overview. This document summarizes for business and technical managers how the guidance and tools in this Solution Accelerator can benefit your organization.

  • Security Guide. This guide describes the security model for the 2007 Microsoft Office release as well as new security features and functionality. It includes recommended guidelines and best practices for implementing security settings for two different environments—an Enterprise Client (EC) environment, which seeks to balance functionality and security and is appropriate for most organizations, and the Specialized Security – Limited Functionality (SSLF) environment, which is only appropriate for organizations that require very strong security at the expense of application functionality. SSLF settings restrict some application features.

  • Threats and Countermeasures. This guide is a comprehensive technical reference that explains the security and privacy settings for the six referenced applications, their recommended configurations, and which threats they address. It also contains Common Configuration Enumeration (CCE) IDs for all the settings. CCE provides identifiers to system configurations to facilitate fast and accurate correlation of configuration data across multiple information sources and tools.

  • Security Settings spreadsheet. This Office Excel spreadsheet lists security settings for the six referenced applications and their recommended configurations for the EC and SSLF environments, as well as Common Configuration Enumeration (CCE) IDs for all the settings.

  • GPOAccelerator. This tool helps you automatically deploy security configurations for the 2007 Microsoft Office release across your organization. It can also be used to deploy security settings for Windows® XP and Windows Vista.

    The Office 2007 Security Guide will be formally introduced at the Microsoft TechEd conference this week in Barcelona, Spain. The guide will offer detailed documentation for securing Office 2007 applications to protect against specially written document files with malicious code hidden within them.

    You can access the 2007 Microsoft Office Security Guide.

    You may like these other stories...

    Event Date: May 29, 2014 In this presentation Excel expert David Ringstrom, CPA brings you up to speed on the Excel feature you should be using, but probably aren't. The Table feature offers the ability to both...
    No field likes its buzzwords more than technology, and one of today's leading terms is "the cloud." But it's not just a matter of knowing what's fashionable. Accounting professionals who know how to use...
    There is a growing trend of accountants moving away from traditional compliance work to more advisory work. Client demand is there, but it is up to the accountants to capitalize on that. What should accountants' roles be...

    Upcoming CPE Webinars

    Apr 22
    Is everyone at your organization meeting your client service expectations? Let client service expert, Kristen Rampe, CPA help you establish a reputation of top-tier service in every facet of your firm during this one hour webinar.
    Apr 24
    In this session Excel expert David Ringstrom, CPA introduces you to a powerful but underutilized macro feature in Excel.
    Apr 25
    This material focuses on the principles of accounting for non-profit organizations' revenues. It will include discussions of revenue recognition for cash and non-cash contributions as well as other revenues commonly received by non-profit organizations.
    Apr 30
    During the second session of a four-part series on Individual Leadership, the focus will be on time management- a critical success factor for effective leadership. Each person has 24 hours of time to spend each day; the key is making wise investments and knowing what investments yield the greatest return.