Microsoft has announced that it is deprecating a security feature called Application Guard for Office, which was designed to protect users from opening potentially harmful files downloaded from untrusted sources. This feature, which was available for Word, Excel, and PowerPoint for Microsoft 365 Apps on Windows 10 and Windows 11 Enterprise editions, used hardware-based virtualization to create isolated containers for opening downloaded documents in Office applications. This way, the device would be shielded from any malware infections that could result from opening malicious files.
Along with Application Guard for Office, Microsoft is also deprecating the Windows.Security.Isolation APIs, which are the programming interfaces that are used to enable and configure Application Guard for Office. Microsoft said that these APIs are no longer being updated and that it recommends transitioning to other security solutions.
The alternatives that Microsoft suggests are Defender for Endpoint attack surface reduction rules, Protected View, and Windows Defender Application Control. These are features that can help prevent malware attacks, restrict access to sensitive resources, and enforce policies on what applications can run on the device.
Application Guard for Office was first introduced in November 2019 as a limited preview for organizations with Microsoft 365 E5 or Microsoft 365 E5 Security licenses. It became generally available in January 2021 for all Microsoft 365 customers with supported licenses. The deprecation of Application Guard for Office is part of Microsoft’s efforts to improve the performance and security of its products by phasing out outdated or redundant features.