MS Application Guard default for all

Microsoft has announced that Application Guard for Office is now generally available for all Microsoft 365 users with supported licenses.

Application Guard for Office blocks files downloaded from untrusted sources from gaining access to trusted resources by opening them in sandboxes.

These secure containers are isolated with the help of hardware-based virtualization preventing potentially unsafe documents opened in Office from infecting users with malware.

The Application Guard sandbox will also automatically block malicious attachments from downloading other malicious tools, exploiting system or software vulnerabilities, or executing malicious tasks that could impact the users’ device and data.

Application Guard for Office was launched in limited preview in November 2019 and it is only available to organizations that have Microsoft 365 E5 or Microsoft 365 E5 Security licenses.

Admins can only deploy it on endpoints running at least Windows 10 Enterprise edition, version 2004 (20H1), with the cumulative monthly security update KB4571756 installed.

Application Guard for Office is also integrated with Microsoft Defender for Office 365 and the Microsoft Defender for Endpoint enterprise endpoint security platform for malicious activity monitoring and alerting within secure containers.

Earlier, Microsoft has announced that Microsoft Defender for Endpoint’s detection and response (EDR) capabilities are generally available on Linux servers.