Microsoft's attempts to protect against the growing range of attacks targeting unpatched flaws in its Office application suite are only likely to be partially effective, according to security experts. The tool, Microsoft Office Isolated Conversion Environment (MOICE), is designed to protect against malformed Office 2003 …
There is another option
Instead of buying a newer version of Microsoft's trojan factory, er, Office, convert your enterprise to an open-source product such as OpenOffice. Patches for newly-discovered vulnerabilities *always* come faster for open-source products (probably because the developers are alos the users, and therefor they have a personal stake in ensuring security).
The cost savings alone is justification; an "upgrade" version of Office 2007 Standard costs US$197.99 plus shipping from Amazon. A typical small business will therefor spend in the neighborhood of US$20,000 to move to Office 2007 (and that doesn't include the costs of retraining the staff to use the new software, which, of course, works differently to Office 97, 200, and 2003). Converting to OpenOffice costs nothing (again, ignoring retraining - but since OpenOffice is a "work-alike" for MS Office 2000, those costs will be significantly less than the move to Office 2007).
Yes, yes, we know.
Blah blah open office blah. Please. There is a time and a place for advertisements. I use Apple's Pages, and don't have any Microsoft product on this computer that was made this millennium, and you don't see me blathering on about it.
Those that know about OpenOffice have already made their decision, and those that don't will be put off with your preaching.
P.S. http://spellbound.sourceforge.net/ will help your cause. Trust me on that.
"I use Apple's Pages, and don't have any Microsoft product on this computer that was made this millennium, and you don't see me blathering on about it."
That's not entirely true now is it...
In light of the fact that ONLY Office 2000-and-up can officially read OOXML files at this time (and THAT requires a conversion add-on for Office 2000/XP/2003), I see this so-called "security" move as a net negative-- an attempt to lock users into MS software. Sure, there are stand-alone converters that will convert back from DOCX to DOC formats, but how many end-users will know this, or be in an environment that allows such software to be installed?
We can only HOPE that OOXML crashes-and-burns, as it deserves to. The fact that most professional journals won't accept OOXML file formats is telling.