May 22, 2007 2:05 PM
Microsoft's Mo' Ice
Late yesterday, Microsoft released what it calls MOICE (Microsoft Office Isolated Conversion Environment) and ramped up messaging for the Office Block File feature.
According to the security alert:
"Both features are designed to make it easier for customers to protect themselves from Office files that may contain malicious software, such as unsolicited Office files received from unknown or known sources. MOICE makes it easier by providing new security mitigation technologies designed to convert specific Microsoft Office files types, while File Block provides a mechanism that can control and block the opening of specific Microsoft Office file types.
"[MOICE] uses the 2007 Microsoft Office system converters to convert Office 2003 binary documents to the newer Office Open XML format. The conversion process helps protect customers by converting the Office 2003 binary file format to the Office Open XML format in an isolated environment."
Office Open XML, or OOXML, is Microsoft's new file format introduced with Office 2007. The file format isn't open, and it's XML-based—two distinctions often missing from Microsoft messaging. Microsoft has released OOXML converters for some older Windows-based Office versions but reneged on early 2007 delivery for Macintosh Office.
Sorry, but I see the MOICE and so-called security concerns about Office binary files as a Trojan Horse for the OOXML, which its own Trojan Horse. As I explained on Thursday, OOXML is much more than a file format. Microsoft has platform ambitions for OOXML, as the company seeks to advice business intelligence and other initiatives.
To achieve these objectives, Microsoft needs to get customers off its proprietary Office binary files onto its pseudo-proprietary XML-based formats—and waiting for enterprises to convert to Office 2007 isn'g soon enough. (Read PANIC)
Using binary file security as reason for OOXML conversion is shaky. There's certainly some legitimate concern about binary file security, but OOXML conversion is an unusual remedy. Microsoft might gain more cooperation by better respecting customers' intelligence and saying straight its objective. There's no need to use security concerns as a way of isolating and converting Office files. If Office binary files are so risky, why didn't Microsoft fix the problem years ago?
MOICE would be more of a Trojan if it wasn't so much trouble to use. As part of the installation process, binary Office files have to be associated with MOICE rather than with the productivity suite. It's mo' ice on IT organizations frozen up processes.
Microsoft could not immediately provide a spokesperson to discuss MOICE; we declined opportunity to e-mail questions and receive anonymous spokesperson responses, contending it wouldn't be in Microsoft's best interests.
IT managers, please comment and tell everyone what you think about MOICE as a possible security utility or mechanism for encouraging OOXML adoption.
If this is their Office XML strategy, the new web-docs guy is going to have his head handed to him by the rest of the world. Microsoft suckered another round of talent for their desperate ride up the wall. This is truly bizarre. WHAT is goingk on here? Is Microsoft going to be able to weather the coming XML-based avalanche or are they going to hole up and be buried?