Office 365 Gets Security Updates to Better Protect Against Cyberattacks

Thanks to new antimalware tools Office 365 continues to protect users from cyber attacks.

Microsoft recently announced the integration of the Antimalware Scan Interface, which is also referred to as AMSI into popular Office 365 applications including Word, Excel, Outlook, and PowerPoint to help stop certain malware exploits dead in their tracks.

What is AMSI?

AMSI or Antimalware Scan Interface is an interface that allows services and applications to fully integrate with any type of antimalware product that may be present on a machine. One of the key benefits of AMSI is that it isn’t antimalware vendor dependent, which allows malware scanning and protection techniques to be fully integrated into a variety of third-party applications.

This interface is primarily designed for app developers who may want to make requests to various antimalware products from within their apps, as well as third-party app creators in the antimalware industry who want to offer the best possible security features to other applications.

How does this integration work with Office 365 apps?

As you’re likely aware, cyber attacks are constantly morphing, which requires operating system vendors like Microsoft to evolve their antivirus and antimalware strategies constantly. Hackers have recently started to up the prevalence of their use of macros embedded in Office documents and spreadsheets to infect targets. These are typically VBA (Visual Basic) macros which can be easily created and hidden within documents and Excel spreadsheets.

The AMSI integration springs into action when a high-risk script function is completed. Once this happens, Office 365 apps will stop processing the macro and request a scan of the macro’s actions up to that exact moment.

Once the bogus macro is identified, the antivirus/antimalware software installed on a user’s machine is called upon to determine if the threat is malicious or not. The AMSI features works both with Windows Defender, Microsoft’s antivirus and antimalware tool, as well as other third-party antivirus products.

AMSI integration now enabled by default in Office 365

This new Office 365 feature is enabled by default in any applications that support VBA macros, which includes Word, Excel, Outlook, and PowerPoint. While this interface is not foolproof, it offers a much more beneficial way to spot and respond to malware that’s delivered via VBA macros.

Additional security features added to Office 365 in 2018

Aside from this useful integration to guard against VBA macro-based malware attacks, Microsoft has been hard at work rolling out other security updates for Office 365 in 2018. A few security features that may be beneficial to you and your team include:

Recover files after a malicious attack

While OneDrive for Business customers have long had this functionality, Office 365 Home and Office 365 Personal users now have the option to restore their entire OneDrive file structure to a previous state within the last 30 days.

Password protection for shared links and files

Users can now also password protect access to a OneDrive shared file or folder.

Email encryption for messages sent via Outlook.com

Users who now use the web-based com to send and receive email can rest easy knowing that all their messages will be encrypted to help prevent hackers from gaining access to user communication.

Encrypted Office documents

It will now also automatically encrypt Office documents so that if these emails are forwarded to a third party, the attachments will not be able to be opened.

Enhanced link checking

Advanced link checking has also been added to Office 365 to allow for links in Word, Excel, and PowerPoint documents to be checked in real time to determine if a user may be the victim of a phishing scam or an attempt to encourage someone to download harmful malware.

How secure is your organization from the many cyber threats that exist today?

As you can see, Microsoft is hard at work continuously releasing new features to its Office 365 suite of apps to help you and your entire organization remain secure. As the number of cyber threats grows, it’s critical that your organization takes an enterprise-level approach to cybersecurity. One way to jump-start your cyber security efforts is by migrating to a cloud-based productivity suite like Office 365. To learn more about Office 365 security, feel free to reach out to the MessageOps team today.