fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Office 365 Security Baseline Adds Macro Signing, JScript Protection

Office 365 Security Baseline Adds Macro Signing, JScript Protection

Microsoft has updated the security baseline for Microsoft 365 Apps for enterprise (formerly Office 365 Professional Plus) to include protection from JScript code execution attacks and unsigned macros.

Security baselines enable security admins to use Microsoft-recommended Group Policy Object (GPO) baselines to reduce the attack surface of Microsoft 365 Apps and boost the security posture of enterprise endpoints they run on.

“A security baseline is a group of Microsoft-recommended configuration settings that explains their security impact,” as Microsoft explains.

“These settings are based on feedback from Microsoft security engineering teams, product groups, partners, and customers.”

Security baseline changes

The highlights of the new recommended security configuration baseline settings for Microsoft 365 Apps for enterprise, version 2104, include protection against remote code execution attacks by restricting legacy JScript execution for Office.

JScript is a legacy Internet Explorer component that, although replaced by JScript9, is still being used by business-critical apps in enterprise environments.

Additionally, admins are also advised to extend macro protection by enabling a GPO to require application add-ins to be signed by trusted publishers and disable them silently by blocking them and turning off Trust Bar notifications.

The GPOs that need to be enabled to implement these baseline recommended security settings are:

  • “Legacy JScript Block – Computer” disables the legacy JScript execution for websites in the Internet Zone and Restricted Sites Zone.
  • “Require Macro Signing – User” is a User Configuration GPO that disables unsigned macros in each of the Office applications.

Also Read: How To Comply With PDPA: A Checklist For Businesses

Other new policies added to the baseline since last year’s release include:

  • “DDE Block – User” is a User Configuration GPO that blocks using DDE to search for existing DDE server processes or to start new ones.
  • “Legacy File Block – User” is a User Configuration GPO that prevents Office applications from opening or saving legacy file formats.
  • New policy: “Control how Office handles form-based sign-in prompts” we recommend enabling and blocking all prompts. This results in no form-based sign-in prompts displayed to the user and the user is shown a message that the sign-in method isn’t allowed.
  • New policy: We recommend enforcing the default by disabling “Disable additional security checks on VBA library references that may refer to unsafe locations on the local machine” (Note: This policy description is a double negative, the behavior we recommend is the security checks remain ON).
  • New policy: We recommend enforcing the default by disabling “Allow VBA to load typelib references by path from untrusted intranet locations”. Learn more at FAQ for VBA solutions affected by April 2020 Office security updates.
  • New dependent policy: “Disable Trust Bar Notification for unsigned application add-ins” policy had a dependency that was missed in the previous baseline. To correct, we have added that missing policy, “Require that application add-ins are signed by Trusted Publisher”. This applies to Excel, PowerPoint, Project, Publisher, Visio, and Word.

Available via Microsoft’s Security Compliance Toolkit

“Most organizations can implement the baseline’s recommended settings without any problems. However, there are a few settings that will cause operational issues for some organizations,” Microsoft said.

“We’ve broken out related groups of such settings into their own GPOs to make it easier for organizations to add or remove these restrictions as a set.

“The local-policy script (Baseline-LocalInstall.ps1) offers command-line options to control whether these GPOs are installed.”

The final release of the security baseline for Microsoft 365 Apps for enterprise is available for download via the Microsoft Security Compliance Toolkit.

It includes “importable GPOs, a script to apply the GPOs to local policy, a script to import the GPOs into Active Directory Group Policy.”

Microsoft also provides all the recommended settings in spreadsheet form, together with an updated custom administrative template (SecGuide.ADMX/L) file and a Policy Analyzer rules file.

Also Read: In Case You Didn’t Know, ISO 27001 Requires Penetration Testing

Future security baselines will be aligned with semi-annual channel releases of Microsoft 365 Apps for enterprise every June and December.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us