Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET

Office trying to ‘phone home’ — unsecurely

Home Forums Office Office 2010 / 2013 General Issues Office trying to ‘phone home’ — unsecurely

Viewing 1 post (of 1 total)
  • Author
    Posts

  • RicklesP
    Member
    #165274

    Client system is behind firewalls/proxies which do not allow direct access to the Web, and very little downloading is permitted. Until the April cycle of updates, the Office 2010 ADMX GP templates gave us all we needed to prevent default behind-the-scenes attempts by Office components to contact the MS sites for themes, etc. but after the update cycle, each user sees 4 nag boxes the first time they open an Office module, such that access to an HTTP site is not permitted. Wireshark shows the site URL is ‘http://office14.microsoft.com/…’, and the resultant address does give an XML file with other URL links in it for Office stuff we want blocked. I’ve been thru every setting throughout the GP templates and have checked each setting available, but it won’t stop. Google searches have turned up nothing, either.

    I know HTTP is unsecure, and I don’t need Office’s default security settings to tell me that. But I also don’t get which update (out of 30 or so) has changed the behavior such that Office insists on trying to get to the unsecure site, then complain to the user that it’s unsafe to do so. If you acknowledge the nags for that app, they’ll go away for the rest of the day, but reappear the next day. So if a user has work for Word, Excel, PowerPoint and at least Visio every day, they’ve got to clear 16 nag boxes every day.

    Anyone got any ideas about how to turn this off?

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.

Live Webinar: Active Directory Security: What Needs Immediate Priority!Live on Tuesday, October 12th at 1 PM ET

Attacks on Active Directory are at an all-time high. Companies that are not taking heed are being punished, both monetarily and with loss of production.

In this webinar, you will learn:

  • How to prioritize vulnerability management
  • What attackers are leveraging to breach organizations
  • Where Active Directory security needs immediate attention
  • Overall strategy to secure your environment and keep it secured

Sponsored by: