Application security, Cloud Security, Malware, Phishing, Ransomware, Vulnerability Management

Microsoft adds ransomware protection, recovery tools to Office 365

Microsoft has rolled out a series of new tools to protect its Office 365 Home and 365 Personal customers from a variety of cyberthreats, including ransomware.

Kirk Koenigsbauer, Microsoft's corporate vice president for Office, said subscribers to these two Office productivity suites will receive additional measures to protect against ransomware, email-based threats, stronger password protection and advanced link checking in Office products.

The first new ransomware defense has the company bringing its File Restore feature over from OneDrive for Business to the consumer-level OneDrive accounts. Files Restore allows you to restore an entire OneDrive account to a previous point in time within the last 30 days. This would allow a person to rebuild or replace any files encrypted by a ransomware attack, Koenigsbauer wrote in a blog.

Microsoft's next step is adding the ability to detect a ransomware attack in progress in Office 365 and then lead the victim through the recovery process.

“If an attack is detected, you will be alerted through an email, mobile, or desktop notification and guided through a recovery process where you'll find the date and time of attack preselected in Files Restore,” he said.

For 365 users who share important information via email or through links, Microsoft will enable password protection for these actions. If the subscriber so chooses he or she can set a password that has to be input to access a shared file. Microsoft believes this will protect a document if it is accidentally shared with an unauthorized person.

Also on the email front, Outlook.com will now offer end-to-end email encryption and an Outlook user can now prevent an email, and any attached documents, from being forwarded beyond its intended recipient.

The final security upgrade has the company bringing its advanced link checking technology to Word, Excel, and PowerPoint from Outlook.com. Microsoft Word has recently become a popular conduit for cyberattackers who used the documents and their various vulnerabilities to launch fileless attacks.

“Starting later this year, links you click in Word, Excel, and PowerPoint will also be checked in real-time to determine if the destination website is likely to download malware onto your computer or if it's related to a phishing scam. If the link is suspicious, you will be redirected to a warning screen recommending you don't access the site,” Koenigsbauer said.

Microsoft added this advanced protection to Outlook last fall.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.