From Microsoft Corporation
Technical Bulletin MC302216 · Published Dec 7, 2021
This feature update will change the behavior of Office applications to enforce policies that block active content (ex. macros, ActiveX, DDE) on Trusted Documents. Previously, active content was allowed to run in Trusted Documents even when an IT administrator had set a policy to block it. As part of ongoing Office security hardening, the IT administrator’s choice to block active content will now always take precedence over end-user set trusted documents.
This message is associated with Microsoft 365 Roadmap ID 85574.
When will this happen?
Note: This change is released to Insiders in build 2110.
Current channel: we will begin rolling this out in early February and expect to complete rollout early May.
How will this change affect your organization?
The expected impact is when a user opens a previously trusted file with active content that’s enabled. If there’s a policy set by their IT administrator or a trust center setting blocking the active content, the content will remain blocked.
- When this happens, we will display a business bar with a “Learn more” button that leads to a link explaining the change in behavior and links to Commercial guidance for IT Administrators.
We have also added a backstage slab for all files containing active content displaying the trust scenario of the file.
- This backstage notification particularly helps in the situation where the IT administrator has blocked all Trust bar notifications with the policy “Disable all Trust Bar notifications for security issues”.
- For these impacted users with no business bar notification, they can select File/Info and see the backstage Security Information describing the trust scenario for the file.
What do I need to do to prepare for this change?
You might want to notify your users about this change and update your training and documentation as appropriate.
- Manage active content in Office documents
- New security hardening policies for Trusted Documents
- Trusted document settings have changed
TECHNICAL BULLETIN END
QuixTec provides this and other technical bulletins ‘unaltered’ from Microsoft. As an authorized Microsoft Partner, we ensure that all our solutions we deliver to you include the latest Microsoft updates.
ABOUT US: QuixTec, LLC is a U.S. certified Veteran Owned, modern DevOps organization and Microsoft Partner that specializes in Microsoft SharePoint, Office 365 expertise & HTML5 technologies for small to enterprise-sized organizations. The founder, Richard, has 30 years of experience working with several notable companies that include World Vision, Expedia, Microsoft, Levi Strauss, NASA, Boeing Aerospace, Los Alamos National Laboratory, and the U.S. Air Force, to name a few. QuixTec is in the Seattle area. Phone today for a free consultation and project estimate: