The Channel logo


By | Iain Thomson 8th April 2015 20:37

Using Office 365 at work? It's dangerous to go alone! Take this...

Microsoft touts new weapon to fend off Exchange email exploiters

Microsoft is adding some security tools, dubbed Advanced Threat Protection, to Office 365 for its business and government subscribers.

The utilities will try to curb malware writers and phishers seeking to exploit vulnerabilities via emailed attachments and links.

"As hackers around the globe launch increasingly sophisticated attacks, many organizations are seeking tools that provide advanced protection," said Shobhit Sahay, technical product manager for the cloud-hosted Office 365 team.

"That’s why we are pleased to introduce Exchange Online Advanced Threat Protection (ATP), a new email filtering service that provides additional protection against specific types of advanced threats."

Office 365's Exchange already has a signature-based malware blocking system, but these types of security mechanisms are increasingly useless considering how easy it is now to tweak malware. Redmond is now adding Safe Attachments, which scans incoming email for dodgy code by opening the attachment in a hypervisor environment and checking to see if it behaves like malware.

Another tactic by miscreants is to direct victims to malicious websites hosting malware. Links to these drive-by-infection sites are usually blocked if the URL is on a blacklist, so scammers are now hiding them behind seemingly innocuous redirectors, but ATP adds the ability to deeply scan all URLs to see if there is a malicious twist of direction hidden in there.

Sysadmins are also going to get improved reporting tools for security mechanisms with APT. This isn't only handy for justifying budgets, but also allows admins to add arbitrary email addresses and URLs to an internal blacklist, rather than just relying on Microsoft's.

The price for ATP is $2 per user per month for enterprise users, and $1.75 per user per month for those using Office 365 for government. Office 365 Government Community Cloud (GCC), Office 365 Education and Office 365 Nonprofit customers are out of luck.

Microsoft is going to be testing the service with select users over the next few months. The full service is expected to go live this summer. ®

comment icon Read 11 comments on this article or post a comment alert Send corrections


Frank Jennings

What do you do? Use manual typwriters or live in a Scottish croft? Our man advises
A rusty petrol pump at an abandoned gas station. Pic by Silvia B. Jakiello via shutterstock

Trevor Pott

Among other things, Active Directory needs an overhaul
Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Kat Hall

Plans for 2 million FTTP connections in next four years 'not enough'
Microsoft CEO Satya Nadella


League of gentlemen poster - Tubbs and Edward at the local shop. Copyright BBC
One reselling man tells his tale of woe