Office sandbox file security to disappear from enterprise Windows by late 2027, Microsoft confirms

Wednesday 5 November 2025, 19:04, by ComputerWorld
Windows enterprise administrators will have until December 2027 at the latest to put in place alternatives to the security protection offered by Microsoft Defender Application Guard (MDAG) for Office, the company has confirmed.

MDAG’s purpose is to protect customers from the threat of boobytrapped Office documents sent via email. The feature was added to some Office subscription tiers from 2019 onwards, but Microsoft announced in November 2023 that the feature was nearing the end of the road, since when customers have been waiting for more detail on how and when this would happen.

According to Microsoft’s new timeline on its customer portal, removal will begin with Office version 2602 for the Current Patch Tuesday Channel in February 2026, the Monthly Enterprise Channel in April 2026, and the Semi-Annual Enterprise Channel in July 2026.

Full removal will happen for Office version 2612 by December 2026 for the Current Channel, February 2027 for the Monthly Enterprise Channel, and July 2027 for the Semi-Annual Enterprise Channel.

Ambiguously, the timeline also lists December 2027 as the final date for removal, although it’s likely that the later date is a final cut-off for customers with extended support licenses.

Isolation overhead

Instead of opening files in main memory, MDAG opens files in a Hyper-V sandbox, thereby isolating any malware executed from the operating system. The concept is sound, but it comes with the inconvenience of much slower document load times.

It could also be undermined by occasional vulnerabilities in the isolation layer, an example of which would be CVE-2022-26706, a sandbox escape flaw affecting macOS.

Microsoft is replacing MDAG with two security layers it claims do the same job: Attack Surface Reduction (ASR) rules and Windows Defender Application Control (WDAC).

ASR is a rules-based mechanism for blocking malicious scripts, executables, or code injection. While the performance is much improved, one potential downside is that it relies on behavioral analysis.

What happens if attackers use a novel technique not yet picked up by ASR? Microsoft’s view is that they rarely do because most malicious document attacks exploit predictable techniques. Backed by cloud-based machine learning, the chances of an innovative attack getting past ASR are claimed to be small.

Meanwhile, WDAC analysis, which executes at kernel level, blocks applications by monitoring digital signatures, file hashes, and other reputation signals.

Admin workload

Given that the removal process happens automatically, what’s left for administrators to do?

Although many enterprise IT teams are probably not hugely aware of MDAG, there could still be hidden work caused by its removal. Microsoft, for its part, recommends that administrators do the following:

Enable Microsoft Defender for Endpoint ASR rules to block risky Office file behaviors.

Enable Windows Defender Application Control (WDAC) to ensure only trusted, signed code runs on devices.

Review internal documentation and helpdesk guidance if your organization previously relied on Application Guard for Office.
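The three recommendations above leave the mechanics to the administrator. The following PowerShell is an added example, not code from the ComputerWorld article or from Microsoft: it stages the Office-related ASR rules in audit mode first, reports their configured state, and pulls the resulting Defender events into a JSON-lines file so a SIEM pipeline that previously consumed isolation logs has something to ingest. The cmdlets (Add-MpPreference, Get-MpPreference, Get-WinEvent) and the event IDs 1121 (ASR block) and 1122 (ASR audit) are standard Microsoft Defender Antivirus interfaces; the rule GUIDs are taken from Microsoft's published ASR rule list and should be checked against current documentation before deployment. The export path and the seven-day window are assumptions chosen for the example. The WDAC half of the migration (a signed code-integrity policy, also deployed in audit mode first) is a separate policy-authoring task and is not covered here.

```powershell
# Added example, not the article's or Microsoft's own tooling.
# Run elevated on a device with Microsoft Defender Antivirus active.
# Rule GUIDs: Microsoft's documented Office ASR rule IDs (verify before use).
$OfficeAsrRules = @{
    'D4F940AB-401B-4EFC-AADC-AD5F3C50688A' = 'Block all Office applications from creating child processes'
    '3B576869-A4EC-4529-8536-B80A7769E899' = 'Block Office applications from creating executable content'
    '75668C1F-73B5-4CF0-BB93-3ECF5CB7CC84' = 'Block Office applications from injecting code into other processes'
    '92E97FA1-5D0E-4A40-8889-A8A3E4D2C3A8' = 'Block Win32 API calls from Office macros'
}

# Stage the rules. Default is AuditMode so the events can be reviewed before
# switching to Enabled (block); a rule already present is updated in place.
function Set-OfficeAsrRules {
    param(
        [ValidateSet('AuditMode', 'Enabled', 'Disabled')]
        [string]$Action = 'AuditMode'
    )
    foreach ($id in $OfficeAsrRules.Keys) {
        Add-MpPreference -AttackSurfaceReductionRules_Ids $id `
                         -AttackSurfaceReductionRules_Actions $Action
        Write-Host ("{0,-10} {1}  {2}" -f $Action, $id, $OfficeAsrRules[$id])
    }
}

# Report the configured mode of each Office rule. Get-MpPreference returns
# parallel arrays of IDs and numeric actions (0 Disabled, 1 Block, 2 Audit, 6 Warn).
function Get-OfficeAsrRuleState {
    $pref  = Get-MpPreference
    $names = @{ 0 = 'Disabled'; 1 = 'Block'; 2 = 'Audit'; 6 = 'Warn' }
    $ids   = @($pref.AttackSurfaceReductionRules_Ids)
    $acts  = @($pref.AttackSurfaceReductionRules_Actions)
    for ($i = 0; $i -lt $ids.Count; $i++) {
        $id = ([string]$ids[$i]).ToUpper()
        if (-not $OfficeAsrRules.ContainsKey($id)) { continue }
        [pscustomobject]@{
            RuleId      = $id
            Mode        = $names[[int]$acts[$i]]
            Description = $OfficeAsrRules[$id]
        }
    }
}

# Collect ASR audit/block events for the Office rules and optionally write them
# as one JSON object per line (a common SIEM ingestion format).
function Get-OfficeAsrEvents {
    param(
        [int]$Days = 7,                 # assumed review window
        [string]$ExportPath             # assumed, e.g. "$env:TEMP\office-asr-events.jsonl"
    )
    $guidPattern = '([0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12})'
    $filter = @{
        LogName   = 'Microsoft-Windows-Windows Defender/Operational'
        Id        = 1121, 1122
        StartTime = (Get-Date).AddDays(-$Days)
    }
    $events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        ForEach-Object {
            # The rule GUID appears in the event message; keep only Office rules.
            if ($_.Message -notmatch $guidPattern) { return }
            $ruleId = $Matches[1].ToUpper()
            if (-not $OfficeAsrRules.ContainsKey($ruleId)) { return }
            [pscustomobject]@{
                Time    = $_.TimeCreated.ToString('o')
                Mode    = $(if ($_.Id -eq 1121) { 'Block' } else { 'Audit' })
                RuleId  = $ruleId
                Rule    = $OfficeAsrRules[$ruleId]
                Message = $_.Message
            }
        })
    if ($ExportPath) {
        $events | ForEach-Object { $_ | ConvertTo-Json -Compress } | Set-Content -Path $ExportPath
    }
    $events
}

# Typical sequence: audit first, inspect, then promote to block.
Set-OfficeAsrRules -Action AuditMode
Get-OfficeAsrRuleState | Format-Table -AutoSize
Get-OfficeAsrEvents -Days 7 -ExportPath "$env:TEMP\office-asr-events.jsonl" |
    Format-Table Time, Mode, Rule -AutoSize
# After review with no unwanted audit hits:  Set-OfficeAsrRules -Action Enabled
```

Running in audit mode first matters for exactly the workflow concern raised later in the article: any script or compliance procedure that previously gated on MDAG can be pointed at the exported 1121/1122 records before the rules are switched to block, so the log feed into the SIEM is re-established rather than silently lost.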

Nevertheless, MDAG’s deprecation could still cause problems for customers that have built it into automated workflows.

A generic example of this would be an automated workflow script that will only allow an Office document to be opened once it has passed through MDAG. If MDAG is no longer present, that script will need to be re-written — and procedures changed if the logs from isolation security testing were being sent into SIEMs as part of compliance rules.

Although primarily affecting organizations with a cautious approach to Office documents such as critical infrastructure or government, this re-scripting could still turn into a lot of work.

What’s not in doubt is the stress induced by the regular churn of new and deprecated features on a Windows platform that has gradually become byzantine in its complexity.

Since 2017, Computerworld has published a regularly updated guide to Windows 10 and 11 components and features as they appear, or disappear. Meanwhile, the arrival of Windows 11 has introduced several changes to the operating system’s underlying security architecture, many built around Security Copilot.
https://www.computerworld.com/article/4085166/office-sandbox-file-security-to-disappear-from-enterpr...
