Microsoft will change how Office handles Trusted Documents to improve security

News
By published

Microsoft will make sure IT Admins have control over how PCs handle Trusted Documents.

Laptop with Office 365
Laptop with Office 365 (Image credit: Windows Central)

What you need to know

  • Microsoft will change how Office 365 handles Trusted Documents.
  • Trusted Documents can contain active content that can run regardless of IT admin policies.
  • Following an upcoming change, IT admin policies will always take precedence over Trusted Documents.

Microsoft is working to secure how Office handles Trusted Documents. These types of documents contain controls that can run without user interaction, including ActiveX controls, Dynamic data Exchange functions, and macros. These files are often used for innocent purposes but can be used as part of attacks by threat actors.

At the moment, Trusted Documents can override Protected View safeguards, but that won't be the case in the future.

"We are changing the behavior of Office applications to enforce policies that block Active Content (ex. macros, ActiveX, DDE) on Trusted Documents," reads the Microsoft 365 roadmap. "Previously, Active Content was allowed to run in Trusted Documents even when an IT administrator had set a policy to block it. As part of ongoing Office security hardening, the IT administrator's choice to block Active Content will now always take precedence over end-user set trusted documents."

Security risks stem from the fact that Trusted Documents can bypass policies set by IT administrators. Following the outlined change, Trusted Documents will follow set IT admin policies. This is a logical change as it moves decisions related to security to IT admins rather than end-users.

Attacks utilizing documents to fool people are nothing new. A recently discovered malware campaign used a Word document that tried to trick people into activating malicious code. The attack utilized a document that falsely claimed to be made with "Windows 11 Alpha." People could be fooled into thinking that they had to follow prompts from the document to make it work on their PC.

The roadmap states that the feature is in development and that it could arrive in October 2021, but dates on the Microsoft 365 roadmap are always subject to change.

Sean Endicott
Sean Endicott
News Writer and apps editor

Sean Endicott is a tech journalist at Windows Central, specializing in Windows, Microsoft software, AI, and PCs. He's covered major launches, from Windows 10 and 11 to the rise of AI tools like ChatGPT. Sean's journey began with the Lumia 740, leading to strong ties with app developers. Outside writing, he coaches American football, utilizing Microsoft services to manage his team. He studied broadcast journalism at Nottingham Trent University and is active on X @SeanEndicott_ and Threads @sean_endicott_. 

Read more
Microsoft 365 app on Windows 11 with shortcuts to create documents in Word, PowerPoint, Excel, and other Microsoft 365 applictions.
This Microsoft 365 feature will nudge users to save files to OneDrive
The Microsoft logo on a smartphone and laptop arranged in Crockett, California, US, on Friday, Dec. 29, 2023.
Massive Microsoft account security change almost snuck out without enough warning
Outlook Client Hero
Did Microsoft just try to gaslight us? The tech giant has seemingly backtracked on changes to the account sign-in experience.
Binary code displayed on a laptop screen and Guy Fawkes mask are seen in this illustration photo.
Microsoft blocks critical Secure Boot loophole after over 7 months — fortifying Windows 11 against sophisticated firmware attacks camouflaged as verified UEFI apps
Outlook Client Hero
The new Outlook will be forced onto Windows 10 PCs next month, and there is no way to block it
Microsoft 365 home page on a Razer laptop
Office 2024 vs. Microsoft 365: Which should you buy?
Latest in Office 365
Microsoft Word logo in Windows 11 Search.
Microsoft quietly tests free, ad-supported version of Office apps for Windows with limited functionality
Microsoft 365 Copilot
Microsoft's new 'Microsoft 365' rebranding has us all perplexed. Again.
American football using Microsoft technology
How Microsoft 365 excelled my American football team to back-to-back northern championships
Microsoft Office
Final Microsoft 365 Insider blog post marks end of an era... sort of
Microsoft Word open on an HP Spectre x360 16 (2024)
Do you need to buy all of Office or is Word enough?
Microsoft PowerPoint on an iPhone
Microsoft's new iOS widget brings recently accessed Office 365 files directly to your home screen
Latest in News
UGreen x Genshin Impact charging accessories: image shows magnetic wireless charger, power bank, GaN charger and USB-C cable
UGreen drops a stunning Genshin Impact collection of charging accessories AND it's all on sale
Lies of P boss
Grab these must-play games at killer deal prices during the CDKeys Spring Festival
Alienware Area-51 laptops (2025)
Dell revives Alienware Area-51 with powerful new gaming PCs
The First Berserker: Khazan
The First Berserker: Khazan review and Metacritic score roundup — this stylish Soulslike sounds like a must-play action RPG
Seattle covered in snow in Vampire: The Masquerade Bloodlines 2
Vampire: The Masquerade - Bloodlines 2 gets one more delay, now launching in October
Call of Duty: Black Ops 6 accessibility settings at launch.
Activision user research workers form union under Microsoft