D Rek
asked on
New GPO to block macros in Office 2016 doesnt work
As per this article:
https://blogs.technet.microsoft.com/mmpc/2016/03/22/new-feature-in-office-2016-can-block-macros-and-help-prevent-infection/
So I have downloaded the templates and loaded them on my win2012 R2 server (C:\Windows\PolicyDefiniti ons\ for ADMX file and C:\Windows\PolicyDefinitio ns\en-US for ADML file).
They appear in my GPO editor fine. I have enabled; User Config> Policies> Admin templates> MS Word 2016> Word Options> Security> Trust Center> Enabled 'Block macros from running in Office files from the internet'... As per the article.
The PC client in question is Win10 Enterprise edition, with Office 2016 Pro Plus installed, from an E3 Office 365 account.
I have received a spam email that contains a .doc file which has a macro and I know to be a virus (see attached screenshot of file). Opening this file fails to block the macro as its described in the technet article, it simply opens in protected view, which is standard behavior.
gpresult /r shows that the GPO is successfully applied. For testing I also enabled; User Config> Policies> Admin templates> MS Word 2016> Word Options> Customize Ribbon> display dev tab. Enabled this in the same GPO works, the developer tab appears in Word, so it seems the GPO is applied and working.
Why does the block macros option not work? anyone else made this GPO work?
scr.png
https://blogs.technet.microsoft.com/mmpc/2016/03/22/new-feature-in-office-2016-can-block-macros-and-help-prevent-infection/
So I have downloaded the templates and loaded them on my win2012 R2 server (C:\Windows\PolicyDefiniti
They appear in my GPO editor fine. I have enabled; User Config> Policies> Admin templates> MS Word 2016> Word Options> Security> Trust Center> Enabled 'Block macros from running in Office files from the internet'... As per the article.
The PC client in question is Win10 Enterprise edition, with Office 2016 Pro Plus installed, from an E3 Office 365 account.
I have received a spam email that contains a .doc file which has a macro and I know to be a virus (see attached screenshot of file). Opening this file fails to block the macro as its described in the technet article, it simply opens in protected view, which is standard behavior.
gpresult /r shows that the GPO is successfully applied. For testing I also enabled; User Config> Policies> Admin templates> MS Word 2016> Word Options> Customize Ribbon> display dev tab. Enabled this in the same GPO works, the developer tab appears in Word, so it seems the GPO is applied and working.
Why does the block macros option not work? anyone else made this GPO work?
scr.png
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Also, get rid of James... he's trouble
ASKER