Microsoft releases Office exploit isolation tool

Microsoft has released a file conversion tool that stops exploits rigged into .doc, .xls and .ppt files from infecting Office 2003 users.

The tool, called MOICE (Microsoft Office Isolated Conversion Environment), can be used in tandem with Group Policy settings to convert documents in legacy (.doc) formats to OpenXML formats, stripping out potentially harmful elements that could pose a potential security risk.

The conversion process takes place in a safe, quarantined sandbox environment, so the user's computer is fully protected. (See previous blog entry on the MOICE plans).

The tool, available here as a free download, currently supports the .doc, .ppt, .pot, .pps, .xls, .xlt and .xla file formats.

According to a KB article accompanying the MOICE release, the tool requires that Office 2003 or Office 2007 is installed along with the Compatibility Pack for Word, Excel and PowerPoint 2007 file formats.

Microsoft has already released a security advisory with additional details.

ALSO SEE: Statistics from MessageLabs on targeted attacks using Microsoft Office exploits, including speculation that an Office exploit generator kit may be in circulation online.