Microsoft Tightens Security on ActiveX Controls in Office Applications
As of this month, Microsoft is implementing stricter security measures regarding ActiveX controls across its Office suite, which includes popular applications like Word, Excel, PowerPoint, and Visio. This change is designed to bolster security for users by altering the default settings for ActiveX elements within these applications.
Previous Settings and Vulnerabilities
Previously, users could enable ActiveX controls with ease via a prompt that presented minimal restrictions. However, Microsoft acknowledged that this approach posed significant security risks, as it enabled the potential deployment of malicious files through social engineering tactics. By introducing these changes, the company aims to mitigate the risks associated with unauthorized code execution and malware transmission.
Overview of the New Default Configuration
This revised configuration is now available to all Microsoft 365 Insiders within the Beta Channel and is simultaneously rolling out in version 2504 of the Current Channel (build number 18730.20030 or newer).When users attempt to open files containing ActiveX elements, they will encounter a notification stating, “BLOCKED CONTENT: The ActiveX content in this file is blocked.”This message makes it clear that ActiveX is not enabled, and users will not find any option to activate these controls directly.
Notification and Trust Center Settings
Should users wish to learn more about this update, a “Learn more”link is provided, directing them to an official support document that details the disabling of ActiveX by default in Office 2024 and Microsoft 365. Notably, the notification regarding blocked ActiveX content appears only if the associated behavior has not been adjusted within the Trust Center settings.
Interacting with ActiveX Elements
In instances where ActiveX controls are blocked, users can still view certain objects as static images; however, interaction with these elements is not permitted. This reinforces the idea that the primary focus is on maintaining security while providing a functional user experience.
Steps to Enable ActiveX Controls
If you find it necessary to re-enable ActiveX controls, you can do so through the Trust Center. Follow these steps:
- Navigate to File > Options > Trust Center, and click on the Trust Center Settings button.
- In the Trust Center dialog, select ActiveX Settings > Prompt me before enabling all controls with minimal restrictions and confirm by clicking the OK button.
Leave a Reply ▼