Hi, Modesto Estrada here with the Microsoft Office Sustained Engineering Security team. I wanted to shed even more light on last month's blog post regarding the future availability of the Office File Validation backport. As we move forward towards our release (CYQ1 2011), we will continue to update this blog with additional information for customers. Please watch this space for future posts on File Validation. Topics we plan to discuss in the future are deployment of … as well as troubleshooting issues.
Today’s entry is about the user experience and what you will see when Office File Validation fails and the Office Trust Center.
When we were creating the dialog boxes for failed file validation, it is a general concern that users have grown accustomed to dialog boxes, and click through them without even reading the message. In an effort to dissuade any apathy, we’ve taken a more aggressive stance by communicating the potential for malicious intent. When a user opens a Word, Excel, PowerPoint, or Publisher 97-2003 file (what happens during the open), and that file fails Office File Validation the user will be presented with the following dialog box (this is the Default Behavior).
This will allow the user the ability to either cancel or continue opening the document. In this situation we strongly recommend that the user select cancel and notify the creator or sender of the document’s potential issues.
At any time, if you feel a document you have may have been compromised please feel free to send your file to firstname.lastname@example.org.
NOTE: Microsoft Office 2003 and 2007 do NOT have Protected View which would allow opening of the documents in a protected sandboxed environment. Protected View only exists in Office 2010.
Office 2007 Trust Center
With the introduction of Office Trust Center in 2007 you can use this in conjunction with Office File Validation. By setting a trusted location in the Trust Center any files opened from this location will NOT be run through the validation process.
Add your document location to the trusted path
For IT Pros:
As an IT Admin we all know some users can be quick to click through dialog boxes. Office File Validation will provide you with the ability to set a registry key via Group Policy which will prevent the user from even opening the file.
The following registry keys will change the file open behavior (to be documented in a TechNet article once our File Validation backport is live).Value: InvalidFileUIOptionsType: REG_DWORDDefault: 0Description: When Office File Validations fails0 = Notify user file failed. Give user the option to load the file or not 1 = Notify user file failed. No option to load the file.2007HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Excel\Security\FileValidationHKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\Word\Security\FileValidationHKEY_CURRENT_USER\Software\Policies\Microsoft\Office\12.0\PowerPoint\Security\FileValidation2003HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\11.0\Excel\Security\FileValidationHKEY_CURRENT_USER\Software\Policies\Microsoft\Office\11.0\Word\Security\FileValidationHKEY_CURRENT_USER\Software\Policies\Microsoft\Office\11.0\PowerPoint\Security\FileValidationIf the dialog is displayed on the users’ machine Office File Validation will also log an event in the Application event log. This will give you the ability to remotely look for validation failures across your organization.
You can set the trusted location via Group Policy.
Modesto and The Office File Validation Backport team
What is the additional footprint on this?
I like the idea of it, but deploying this on multiple machines with varying hardware (RAM, processing power etc).
Also, the way I read this it's 'run once', but will the finished program be running in the background?
Thanks for the question. The footprint were adding is the gatekeeper definition file that the respective Office program will use to compare the document. We only call the DLL when the "File|Open" request has been submitted by the user. Basically Office File Validation is a yes/no function but a really important function. There won't be a service that is constantly running in the background.
How will this "office file validation" backport be distributed? Via an office security update?
The backport will be distributed via the Microsoft Download Center as well as the Microsoft Update Service. Here is more information covering the deployment scenario.