Using Microsoft Defender Application Guard, customers can sandbox untrusted documents keeping them away from a system. Through this virtual container, documents across Office apps can be vetted if they come from an unknown source. Defender AG functions in Microsoft Word, Excel, and PowerPoint. It also functions within emails, allowing users to safely and securely open attachments in Microsoft 365. When the tool opens a document, it fires a notification to users. If the user trusts the source, they can remove the AG warning. “To help protect your users, Office opens files from potentially unsafe locations in Application Guard, a secure container that is isolated from the device through hardware-based virtualization. When Office opens files in Application Guard, users can securely read, edit, print, and save those files without having to re-open files outside the container.”
Availability
Unfortunately, Microsoft is limiting the availability of the tool. Specifically, the company says the tool is available on to Microsoft 365 E5 or E5 Security users. That’s a shame because this is the kind of security tool that would be useful for all businesses and even personal users. Clearly, Microsoft wants Application Guard to be an exclusive to entice organizations to the E5 subscription. There are some requirements to test the preview. Firstly, users must be running Windows 10 Enterprise version 2004 on build 19041 or newer. Office 365 version 2008 (build 16.0.13212 or newer), and the KB4566782 security update must also be in use. needs to be installed. Customers will need a machine offering at least an Intel Core i5 or equivalent, along with 10GB of storage space and at least 8GB of RAM.