Saturday, January 17, 2009

Microsoft Office has identified a potential security concern





I'm sure that I'm not the only one that has been prompted with this wonderful Warning. Unfortunately I did some searching and nobody out there seems to care. Everything I found pointed to "don't worry, it doesn't hurt anything".

I had issue with just accepting that was good enough. I've also had users complain that this was misleading.

I tried to add urls to Internet Explorer's Trusted Sites and still had no luck. What I ended up discovering was that office was actually checking for this warning and completely ignored the trusted site. Some of it was the content is simply handled different by Office, such as .WMV files. Trying to link to a .WMV file from Outlook or a Power Point presentation was prompting for this warning.

To resolve it, this is what I found:

HKU\"user account"\Software\Policies\Microsoft\Office\12.0\Common\Security\DisableHyperLinkWarning = 0



Setting the key "DisableHyperLinkWarning" to "0" will prompt with the Security Warning. Setting the same key to "1" will suppress the prompt and make everyone happy.

There are a couple of issues to be aware of. If the content is disabled, like macros or blocked file extends, they will still be blocked. This will also apply to Word, Excel, Power Point, Outlook and Access. This won't fix InfoPath, and I haven't had a chance to test the other Office related products.

Update:

I don't think i posted the registry clearly enough.

HKEY_USERS\"User Account SID" \Software\Policies\Microsoft\Office\12.0\Common\Security\

You'll probably need to create the Reg_DWORD called "DisableHyperLinkWarning". It will have a value of 1.