Application Guard for Office will be deprecated. Here’s what you need to do to keep your enterprise safe

Companies will have until the end of the month to transition.

by Flavius Floare

Flavius Floare

Flavius is a writer and a media content producer with a particular interest in technology, gaming, media, film and storytelling. He’s always curious and ready to take on… read more

Microsoft Defender Application Guard for Office

Buckle up your seatbelts, and prepare for a hasty transition to new tools of cybersecurity, because Microsoft Defender Application Guard for Office is being deprecated by the Redmond-based tech giant this month.

Microsoft Defender Application Guard for Office or Application Guard for Office, for short, was an efficient security method developed by Microsoft that helps prevent untrusted files from accessing trusted resources. The method proved to be quite useful in keeping enterprises safe from new and emerging cyberattacks.

Microsoft decided not to update the method anymore, deprecating it instead. This means organizations everywhere will have until the end of this month to transition to new methods of protecting themselves against cyberattacks.

Fortunately, the Redmond-based tech giant offers solutions for an easy transition so that companies can secure their resources once again.

Application Guard for Office is gone, but here is what Microsoft recommends

Because Microsoft Office, and Microsoft products in general, are prone to modern malware, the Redmond-based tech giant recommends transitioning to using attack surface reduction rules within Microsoft Defender for Endpoint.

The tech giant also recommends transitioning to Protected View and starting using Windows Defender Application Control.

Microsoft Defender Application Guard for Office is being deprecated and is no longer being updated. This deprecation also includes the Windows.Security.Isolation APIs that are used for Microsoft Defender Application Guard for Office. We recommend transitioning to Microsoft Defender for Endpoint attack surface reduction rules along with Protected View and Windows Defender Application Control.


Both Protected View and Windows Defender Application Control can be easily managed and enabled/disabled at will. Using Microsoft Defender for Endpoint is a bit more complicated, but nothing an IT admin can’t handle.

If anything, Microsoft has a comprehensive guide on how to understand and use attack surface reduction capabilities, right here, that you can read before deciding to transition.

More Reading

Post navigation

Leave a Comment

Leave a Reply

Your email address will not be published. Required fields are marked *