Solved

Disable Office macros in medium-sized domain environment WITHOUT using Group Policy

Posted on 2016-09-15
5
16 Views
Last Modified: 2016-11-04
A customer of ours is having security issues because users are allowed to enable and run Office macros (and are easily tricked into doing so by malware or instructions in spam messages).  

Ordinarily, I would just disable macros across their domain using Group Policy.  However, this customer opted to purchase retail/small business editions of Office in nearly all cases, and using GP to control non-volume licensed MS Office is not supported.  

They have Office 2007, 2010, and 2013 scattered across 75 or so PCs, shared by 150+ users.  In other words, touching each PC to do this manually is basically impractical.

Is there some other, centralized/automated way to control macro behavior?  How would you suggest we solve this problem?
0
Comment
Question by:AA-in-CA
  • 3
5 Comments
 
LVL 53

Assisted Solution

by:McKnife
McKnife earned 250 total points (awarded by participants)
ID: 41800259
Office 2010 can be controlled by GPOs in any edition, so can 2007. 2013 can be controlled using self-built administrative templates. It wasn't before 2016 that Microsoft crippled even that in order to make more money. Maybe you can find those admx to download somewhere (note: I am not talking about microsoft's non-working admx). Else, you'll need to identify the corresponding registry values and deploy those using group policy preferences.
1
 
LVL 14

Accepted Solution

by:
DrTribos earned 250 total points (awarded by participants)
ID: 41800948
This MS article basically covers how to do it via the registry.  So you could write a script to do it.

Lets just hope your clients users receive a script to undo the changes ;-0

https://blogs.technet.microsoft.com/diana_tudor/2014/12/02/microsoft-project-how-to-control-macro-settings-using-registry-keys/
0
 
LVL 53

Expert Comment

by:McKnife
ID: 41866115
Both comments would suggest a registry edit. I recommend a split.
0
 
LVL 53

Expert Comment

by:McKnife
ID: 41873630
Splitting.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
The viewer will learn how to use a discrete random variable to simulate the return on an investment over a period of years, create a Monte Carlo simulation using the discrete random variable, and create a graph to represent the possible returns over…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now