By Dominick Reuter for Business Insider US
Move over, Calibri, there’s a new font in town – though which one will be the choice of voters.
On Wednesday, Microsoft’s Design Team put out a call asking for typographophiles to choose the new default font for the Office 365 software suite, which includes mainstay workplace apps like Word, Excel, and PowerPoint.
“A default font is often the first impression we make; it’s the visual identity we present to other people via our resumes, documents, or emails. And just as people and the world around us age and grow, so too should our modes of expression,” the team said in its announcement.
Calibri has been the brand’s default font choice since 2007, when it replaced the classic Times New Roman. And no, Times New Roman is not one of the choices to vote on for the refresh.
The five new sans-serif choices are called Tenorite, Bierstadt, Skeena, Seaford, and Grandview, and the designers of each offered their best argument for why typographophiles should choose theirs.
All five are available now, to subscribers, through the Office 365 cloud, and social feedback is encouraged on the company’s Twitter page.
The shortlisted new fonts “span the various sans-serif styles—humanist, geometric, swiss-style, and industrial” says Microsoft.
The candidates are described as:
- Tenorite “has the overall look of a traditional workhorse sans serif (a font without a serif, or a stroke at the ends, like Times New Roman), but with a warmer, more friendly style. “
- Bierstadt “is a precise, contemporary sans serif typeface inspired by mid-20th-century Swiss typography. A versatile typeface that expresses simplicity and rationality in a highly readable form, Bierstadt is also notably clear-cut with stroke endings that emphasize order and restraint.”
- Skeena “is a ‘humanist’ sans serif based on the shapes of traditional serif text typefaces. Its strokes are modulated, with a noticeable contrast between thick and thin and a distinctive slice applied to the ends of many of the strokes.”
Seaford “is a sans serif typeface that is rooted in the design of old-style serif text typefaces and evokes their comfortable familiarity.”
- Grandview “is a sans serif typeface derived from classic German road and railway signage, which was designed to be legible at a distance and under poor conditions.”
By Alison DeNisco Rayome for Tech Republic
Microsoft Office documents packed with malicious macros are the most common malware loader of the past month, accounting for 45% of all delivery mechanisms analysed, according to a Thursday report from Cofense.
Office Macros were followed in popularity by CVE-2017-11882, malicious batch scripts, malicious PowerShell scripts, and WSC downloaders, the report found.
This demonstrates that threat actors tend to leverage tried-and-tested delivery mechanisms, the report noted. Macros may have a low barrier to entry, but they are not used only by immature or low-impact cybercriminals: Malware delivered via macros is among the worst in today’s threat landscape, including Geodo, Chanitor, AZORult, and GandCrab, according to the report.
Macros remain a popular email attachment method of delivering a malicious payload because they are typically enabled on a machine, or easily allowed with a single mouse click, the report noted—making it very easy to launch the first stage of an attack. When used this way, macros are embedded Visual Basic scripts that are often used to download or directly execute further payloads.
The Microsoft Office Macro feature could be enabled by default in your organisation’s IT environment, according to the report. When this is the case, a user may not receive any warning that something is wrong upon opening a malicious document. Even when an organisation has some kind of protection in place—such as a security warning at the top of the document—it can often be dismissed with just one click, or may be ignored by the user.
IT departments can protect their organisation from macros by disabling them enterprise-wide, the report said. However, many businesses rely on macros for their legitimate usage, in which case IT may want to consider enacting a blanket policy of blocking documents at the gateway, or, perhaps more realistically, combining different policies such as blocking or grey-listing documents coming from unknown senders. Security education is also key, the report said.
The big takeaways for tech leaders
- Microsoft Office documents packed with malicious macros are the most common malware loader of the past month, accounting for 45% of all delivery mechanisms.
- Malware delivered via macros is among the worst in today’s threat landscape, including Geodo, Chanitor, AZORult, and GandCrab.