Microsoft Defender Application Guard for Office, a new feature that helps prevent untrusted files from accessing trusted resources, is now available in public preview for Microsoft 365. In a recent blog post, Microsoft explained that the feature will be turned off by default, and it’s only available to customers with Microsoft 365 E5 Security or Microsoft 365 E5 licenses.
“To help protect your users, Office opens files from potentially unsafe locations in Application Guard, a secure container that is isolated from the device through hardware-based virtualization. When Office opens files in Application Guard, users can securely read, edit, print, and save those files without having to re-open files outside the container,” the company explained.
Once the feature is enabled by IT admins, end-users will see an Office splash screen on the first launch of an untrusted Excel, PowerPoint, or Word document. It indicates that Application Guard for Office is being activated, and the file is being opened in a secure environment. In addition, the file should display some visual indicators (as shown in the featured image), such as a callout in the ribbon and the taskbar icon, to inform the user that the Application Guard is active.
Application Guard for Office makes it easier for IT Admins to ensure that scripts or malicious links in Office files don’t escape the sandbox to keep their enterprise safe from new and emerging attacks. Office 365 Admins can also integrate Office 365 Advanced Threat Protection with Microsoft Defender Advanced Threat Protection to monitor the devices potentially affected by a malware.
In its support document, Microsoft noted that PCs should be running Windows 10 version 2004 (build 19041) Enterprise edition and Office 365 version 2008 (build 16.0.13212 or later) to use the feature. We invite you to check out Microsoft’s support document for more details about system requirements and installation steps to enable Application Guard for Office on a device.