By contrast, macros are disabled with the most-commonly used Office Open XML (OOXML) document formats, which were first introduced with Office 2007. The bigger threat is that many of these formats can include macros or other executable instructions that are easily abused.
![can microsoft office 365 older word file formats can microsoft office 365 older word file formats](https://images.idgesg.net/images/article/2018/12/01-microsoft-office-365-desktop-subscription-version-100783039-large.jpg)
One of the threats of these old binary file formats is that their inherent complexity too often led to exploitable bugs in their parsers. So we just went ahead and fixed the glitch. In the previous Office baseline we published, we tried to end the use of legacy file formats, including all the old Office document formats such as *.doc, *.xls, and *.ppt. “Excel DDE Block – User” is a User Configuration GPO that blocks Excel from using DDE to search for existing DDE server processes or to start new ones.Ĭomprehensive blocking of legacy file formats.“Require Macro Signing – User” is a User Configuration GPO that disables unsigned macros in each of the Office applications.“Legacy File Block – User” is a User Configuration GPO that prevents Office applications from opening or saving legacy file formats.The “MSFT Office 365 ProPlus 1907” GPO set includes “Computer” and “User” GPOs that represent the “core” settings that should be trouble free, and each of these potentially challenging GPOs, each of which is described later: The local-policy script, Baseline-LocalInstall.ps1, offers command-line options to control whether these GPOs are installed. We have broken out related groups of such settings into their own GPOs to make it easier for organizations to add or remove these restrictions as a set. However, there are a few settings that will cause operational issues for some organizations. Most organizations can implement most of the baseline’s recommended settings without any problems. The recommended settings correspond with the Office 365 ProPlus administrative templates version 4909 released on Septemthat can be downloaded here. The downloadable baseline package includes importable GPOs, a script to apply the GPOs to local policy, a script to import the GPOs into Active Directory Group Policy, a custom administrative template (ADMX) file for Group Policy settings, all the recommended settings in spreadsheet form and as Policy Analyzer rules. Blocking Excel from using Dynamic Data Exchange (DDE)Īlso see the announcements at the end of this post regarding the new Security Policy Advisor and Office cloud policy services.ĭownload the content from the Security Compliance Toolkit.Comprehensive blocking of legacy file formats.Componentization of GPOs so that “challenging” settings can be added or removed as a unit.This baseline builds on the overhauled Office baseline we released in early 2018.
![can microsoft office 365 older word file formats can microsoft office 365 older word file formats](https://upload.wikimedia.org/wikipedia/commons/thumb/9/9e/Office_365_app_logos.svg/300px-Office_365_app_logos.svg.png)
Please evaluate this proposed baseline and send us your feedback through the Baselines Discussion site. Microsoft is pleased to announce the final release of the recommended security configuration baseline settings for Microsoft Office 365 ProPlus, version 1908.