Office 365 is set to offer more security protection on Trusted Docs

Microsoft is adding more trust in Trusted Documents

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Microsoftplans to allowOffice 365admins to ensure that end users can’t override organization-wide policies set up to block active content even with Trusted Documents.

Trusted Documents are files that contain active content such as ActiveX controls, macros, and Dynamic Data Exchange (DDE) functions that don’t require user interaction, but still open without displaying a prompt or a warning.

However, such active content also lends itself to being misused by threat actors for malicious purposes. Until now, embedded active content in Trusted Documents enabled the files to bypass theProtected Viewsafeguards, but Microsoft is about to change the default setting.

“We are changing the behavior of Office applications to enforce policies that block Active Content (ex. macros, ActiveX, DDE) on Trusted Documents,”announced the companyin its Microsoft 365 roadmap.

Admins know best

Currently all active content embedded inside Trusted Documents would run unhindered, even if an IT administrator had set a policy to block such content.

“As part of ongoing Office security hardening, the IT administrator’s choice to block Active Content will now always take precedence over end-user set trusted documents,” explains Microsoft.

The change would ensure that if an admins has blocked active content, even Trusted Documents with such content will now open under Protected View, even if a user has enabled such content to run without warnings.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

According to the roadmap, Microsoft plans to roll out this new feature to all Microsoft 365 users world-wide, by the end of October 2021.

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Washington state court systems taken offline following cyberattack

Is it still worth using Proton VPN Free?

Cisco issues patch to fix serious flaw allowing possible industrial systems takeover