Note: Not all options may be available for this policy setting.- Do not block: The file type will not be blocked.- Save blocked: Saving of the file type will be blocked.- Open/Save blocked, use open policy: Both opening and saving of the file type will be blocked. If you enable this policy setting, you can specify whether users can open, view, edit, or save files.The options that can be selected are below. If you would like to know more about the new Safe Documents feature, you can find all the details here.This policy setting allows you to determine whether users can open, view, edit, or save Word files with the format specified by the title of this policy setting. Unfortunately, Microsoft is only making Safe Documents available to those who have a Microsoft 365 E5 or Microsoft 365 E5 Security subscription. The second thing you need to know about Safe Documents is that not every Microsoft 365 customer will have access to the Safe Documents feature. Otherwise, you risk exposing users to malicious content. Incidentally, Microsoft also provides a checkbox labeled "Allow People to Click Through Protected View Even if Safe Documents Identifies the File as Malicious." As a general rule, you should not select this checkbox unless you have a very good reason for doing so. Finally, select the checkbox labeled "Turn On Safe Documents for Office Clients." You can find the checkbox just beneath the "Help People Stay Safe When Trusting a File to Open Outside Protected View in Office Applications" section. From there, navigate through the console tree to Threat Management | Policy | ATP Safe Attachments. You can enable Safe Documents by logging into Microsoft 365 as an administrator and opening the Security and Compliance Center. The idea is that rather than simply displaying a generic warning message like the one shown in Figure 1, Office is now able to identify specific threats and can warn users if it finds that a document is indeed malicious.Īlthough the Safe Documents feature is relatively straightforward, there are two important things that you need to know about it.įirst, Safe Documents is not enabled by default. Safe Documents uses Microsoft Defender Advanced Threat Protection to scan documents that are open in Protected View. Thankfully, Microsoft has recently implemented a new type of document safety, which it has aptly named Safe Documents. In fact, I try to be diligent about keeping my network secure, but there has been more than one occasion in which I have accidentally clicked the Enable Editing button, just because I am in the habit of having to click that button whenever I open one of my own documents. While there is nothing wrong with allowing Protected View to act as a generic protective mechanism, users become conditioned to simply click the Enable Editing button as soon as they open a document, thereby completely bypassing the protection provided by Protected View. I mention this as a way of pointing out that Protected View makes no distinction between a malicious document and a safe document, or between a document that you created yourself and a document that you downloaded from a dubious source on the Internet. Needless to say, I didn't include anything malicious in the document. Consider, for example, that the screen capture shown above was taken from a document that I authored on my own computer and saved to my own network. Figure 1: Protected view causes Office documents to be treated as read only.Īlthough Protected View has its place, it isn't perfect. You can see what Protected View looks like in Figure 1.
PROTECTED VIEW MICROSOFT WORD CODE
This helps insulate the user against any malicious code that might be embedded in the document. Protected View causes an Office document to be treated as Read Only unless the user specifically enables editing of the document. Later, it incorporated the Protected View feature that is still in use today. Initially, Microsoft made it so that Office document macros did not automatically execute. Since then, Microsoft has taken a number of steps to protect Office users against potentially malicious documents. At the time, Office applications such as Word and Excel executed macros automatically, so just opening a malicious document could result in your system being harmed. It explained that malware authors had begun creating Office documents that included malicious macros. The company I worked for sent out a memo warning us to be careful about opening Office documents that had not been created in-house. At the time, I was working as an author for a tech journal. I will never forget a memo I received back in the late 1990s.