Office 365 is now more secure than ever before due to recent changes by Microsoft. The changes are very welcomed because they make for a more secure experience. Therefore, users should have little to worry about. OK, so here’s the thing. In the past, anti-virus programs weren’t able to scan every aspect of Office 365. If you have an infected macro, well, the chances of you finding out was quite low, but those days are over.
Office 365 gets Antimalware Scan Interface
According to the giant from Redmond, Office 365 is now integrated with Antimalware Scan Interface (AMSI). This should allow every anti-virus tool out there, which includes Windows Defender, to scan macros and scripts for threats.
The company made it clear that malware tends to take advantage of macros to infect Windows 10 computer systems. Now, these types of infections weren’t prevalent for quite some time, but in recent years, Microsoft has witnessed a resurgence.
What is Microsoft doing? Here’s what the company had to say:
“To counter this threat, we invested in building better detection mechanisms that expose macro behavior through runtime instrumentation within our threat protection solutions in the cloud. We’re bringing this instrumentation directly into Office 365 client applications. More importantly, we’re exposing this capability through AMSI, an open interface, making it accessible to any anti-virus solution.”
Users should be very careful because macros are popular among attackers due to their vast capabilities. Furthermore, we understand that macro source codes are easy to obscure and to make matters worse, there are many free tools on the web to make this task easier than before.
Now, chances are you’ve heard of AMSI before, but maybe you have little idea of what it is. Well, it’s an “open interface available on Windows 10 for applications to request, at runtime, an asynchronous scan of a memory buffer by an installed antivirus or security solution.”
Microsoft has made sure that every application has the option to interface with AMSI to request scans for data that are untrusted. Additionally, the AMSI system integrates well with JavaScript, VBScript, and PowerShell scripting engines.
