Microsoft has announced the deprecation of Defender Application Guard for Office, an integral security feature designed for its Microsoft 365 Apps suite, promoting alternative protective measures. Initially introduced to safeguard users against malware threats by opening documents from untrusted sources within a secure sandbox environment, Defender Application Guard for Office has utilized hardware-based virtualization to create a protective barrier for devices.
Recommended Security Alternatives
The company has advised users to transition to different protection systems, such as the attack surface reduction rules featured in Microsoft Defender for Endpoint, in conjunction with Protected View and Windows Defender Application Control. These alternatives aim to maintain robust cybersecurity by minimizing the attack surface that can be exploited and running untrusted files in a safe and restricted manner.
Background and Context
Launched as part of a limited preview in November 2019 and made available in the ensuing years to organizations holding Microsoft 365 E5 or Microsoft 365 E5 Security licenses, the Application Guard for Office has been part of Microsoft's comprehensive security solutions for Enterprise editions of Windows 10 and Windows 11.
This move to deprecate aligns with Microsoft's ongoing revision of its software offerings, which includes the phasing out of legacy features such as VBScript and WordPad, as well as the end of support for insecure TLS protocols. Microsoft's reevaluation of security strategies reflects a broader trend in the technology industry to adapt and evolve cybersecurity measures in response to the ever-changing landscape of digital threats.