Question

  • Creator
    Topic
  • #4085484

    How to turn Document to trusted? CDR Content Disarm And Reconstruction?

    by panes-rubrics ·

    Does Microsoft, which is my work preferred Vendor, have a Enterprise solution similar to CDR ? (Which is described in Wikipedia it can remove all malicious Content).
    I asked because of my understanding as follows:
    1. Pictures are considered Active Content
    2. Microsoft Application Guard
    – increase Computer load.
    – available only on certain CPUs
    – impose limitation what can be done to a document
    – not default setting of Windows

    Please correct me if wrong, applying CDR to a document free me to use it as trusted document.
    BACKGROUND
    Quote from MS Community “Microsoft Edge. The best you can do is disable JavaScript execution while you view PDF files within Edge”

You are posting a reply to: How to turn Document to trusted? CDR Content Disarm And Reconstruction?

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our Community FAQs for details. All submitted content is subject to our Terms of Use.

All Answers

  • Author
    Replies
    • #4085485
      Avatar photo

      “Pictures are considered Active Content”

      by rproffitt ·

      In reply to How to turn Document to trusted? CDR Content Disarm And Reconstruction?

      That’s incredible. That alone would obliterate every product manual I’ve written since about the mid 1980’s.

      Who came up with this idea?

      • #4086464

        What I found that alert me Pictures are Active Content?

        by panes-rubrics ·

        In reply to “Pictures are considered Active Content”

        Thanks for your comment, please review my finding as follows:
        as per Microsoft Support:
        Active content types in your files
        Active content is additional functionality in a file or program, such as macros, add-ins, or data connections. This article lists types of active content that can be blocked by settings in Trust Center and which, when present in a document, cause display of the Message Bar when you open your file.

        Types of active content

        The following kinds of external content are linked externally to the file or are embedded, and they are blocked:
         Linked object linking and embedded (OLE) files
         Color-theme files
         Cascading style sheet (CSS) files
         XML expansion packs
         Links to external pictures
         Media files
         Real-time data servers
         XML manifests
         Smart documents

        What Are Media File Formats? (lifewire.com)
        Commonly Used Digital Media File Formats
        • Photo File Formats: JPEG, GIF, PNG, TIFF, BMP

        https://support.microsoft.com/en-us/office/active-content-types-in-your-files-b7ff2e8a-4055-47d4-8c7d-541e19f62bea

    • #4114561

      How to turn Document to trusted? CDR Content Disarm And Reconstruction?

      by Sheila Shelton ·

      In reply to How to turn Document to trusted? CDR Content Disarm And Reconstruction?

      Microsoft does offer an enterprise solution similar to Content Disarm and Reconstruction (CDR) called Microsoft Defender Advanced Threat Protection (ATP).
      While CDR specifically focuses on removing malicious content from documents, Microsoft Defender ATP provides comprehensive protection against various types of threats, including malware, viruses, and other malicious content.
      Regarding your understanding:
      Pictures are considered active content:
      Pictures themselves are not typically considered active content. Active content refers to elements such as macros, scripts, or embedded objects that can execute code and potentially pose a security risk. Images, on the other hand, are typically considered passive content.
      Microsoft Application Guard:
      Microsoft Application Guard is a feature that provides isolation for Microsoft Edge browser sessions, helping protect against potential attacks.
      While it can increase computer load and has specific hardware requirements, it does not directly apply to the process of turning a document into a trusted document.
      Applying CDR to a document can help remove any potentially malicious content and make it safer to use.
      However, it’s important to note that no security solution can guarantee 100% protection, as new threats and attack vectors constantly emerge.
      Regarding the quote from the Microsoft Community about Microsoft Edge and disabling JavaScript execution for PDF files within Edge, this approach can help mitigate potential risks associated with JavaScript execution in PDF files. Disabling JavaScript execution can prevent certain types of attacks that exploit vulnerabilities in JavaScript code.
      If you faced a similar issue and disabling JavaScript resolved the problem, it indicates that the malicious content or attack vector in the PDF file likely relied on JavaScript execution to carry out its malicious actions.
      However, it’s important to keep your software and security solutions up to date to stay protected against evolving threats.
      Regularly installing updates and patches, using reputable security software, and practising safe browsing habits can significantly enhance your overall security posture.

Viewing 1 reply thread