Microsoft Office 2010 Engineering

Office Blogs

What is DEP?

DEP is a security feature that was introduced in Windows XP Service Pack 2 and Windows 2003 server, service pack 1. More general information on DEP can be found in this Microsoft knowledge base article.

When a program is launched, memory pages are allocated for that program. These pages in memory will have a ‘marker’ to indicate if they are executable or not. If a page is marked as executable, then code within that memory address will be allowed to run. If the page is not marked as executable, then it will not be allowed to run. When DEP is enabled, if code attempts to run from within a page that is not marked as executable, then a DEP exception is raised and the process that is running is terminated.

Now, when malware infects your computer, the first thing it will try to do is write its ‘bad code’ into your computer’s memory areas that are marked as writable and executable. Next, the malware will try to run that malicious code. When this step happens, and DEP is enabled, all you will see is your Office application crashing. From a security perspective, what occurred was Office had stopped potential malware from executing and shut itself down in order to help keep your computer safe.

How can I know if a program is running with DEP enabled?

The easiest method is to use Task Manager. In Task Manager, make sure the column “Data Execution Prevention” is visible. Now, every process that is running with DEP enforced will have the label “Enabled” beside it. To illustrate, the figure below shows winword.exe is running and DEP has been enforced for that process:

How does Office implement DEP?

Office applications, when booted, will call into the GetSystemDEPPolicy function to determine your computers DEP policy. This API will return one of the following results, and will behave as follows:

AlwaysOn – your Office applications will always run with DEP enabled. There is no way to change this without modifying your systems boot configuration file, and restarting your computer.
AlwaysOff – your Office applications will always run with DEP disabled. There is no way to change this without modifying your systems boot configuration file, and restarting your computer.
OptIn – Each Office application can be configured in the trust center (see the section below) to determine if it should run with DEP enabled.
OptOut - Each Office application can be configured in the trust center (see the section below) to determine if it should run with DEP enabled.

If it is determined that an Office application needs to run with DEP enabled, the application will then call into the SetProcessDEPPolicy to ensure DEP is permanently enabled for that processes lifespan. By doing this, we ensure all other binaries loaded into the Office process will have DEP enforced too.

What configuration choices do I have as an IT Professional?

For 64-bit installs, DEP will always be enforced for Office applications. On 32-bit installs, you can configure if you want DEP at the application level within Trust Center. For applications that support Protected View, you will find the option to configure DEP in the Protected View tab. For all other Office applications, you will find the setting in the DEP tab, as shown below:

Figure: Configure DEP Settings for Office Applications that support Protected View

Figure: Configure DEP Settings for Office Applications that do not support Protected View

If the option for enabling DEP is grayed out in the trust center, this is because either the AlwaysOn or the AlwaysOff has been set for your computer.

The option to configure these trust center options is also available in the group policy templates as shown below for Word:

As a developer, how can DEP affect my applications?

In most cases, your code will not be affected by DEP. If however, your code requires writing into memory locations that are not marked as executable, and then tries to execute that code (such as JIT compilers do), then you will have a few options. The first option is to rewrite you code to no longer execute in this manner. If you do not have access to the source code, or getting newer add-in is not possible, then you can disable DEP using the instructions provided earlier. The last option is to use the VirtualProtect function. VirtualProtect let you write your code into memory into a page that is marked as Write and Execute. Once you are done writing, the Write attribute can be removed. This ensures that you can execute your code at a later time and an exception will not be raised. By removing the Write attribute ensures malware will not be able to infect your memory location.

What does a DEP exception look like?

In the majority of cases, a DEP failure will occur for add-ins you have installed, and not within an Office application. When an add-in triggers a DEP exception, the Office application will terminate and appear as if a normal crash had occurred. When the Office application is restarted, you will be presented with a dialog similar to the one below:

In this example my add-in, the ‘my vc test com add-in’ had caused Office to become unstable. At this point in time I am given two options. The first option is to disable the add-in from loading, and the second is to try reloading the add-in. My recommendation would be to disable the add-in and let Office boot up normally. Once the Office application starts, I would look in the add-in manger for my add-in and the reason why it was disabled.

In the illustration below, I am able to see that my “add-in was disabled by the user after a Data Execution Failure” had occurred.

At this point, I would keep the add-in disabled until I was able to get a newer version that is DEP friendly.

In conclusion, Office 2010 now ships out of the box with DEP enabled. Data Execution Prevention is a feature that helps keep your computer safe by making sure code that is not intended to execute, never gets that chance.

Thanks.
Vikas Malhotra
Security Program Manager
Office Trustworthy Computing

Posted: Thursday, February 04, 2010 4:04 PM by OffTeam | 2 Comments

Office 2010 Improvements for Cropping Pictures

Hi, again, I’m Tucker Hatfield, a Program Manager on the Office Graphics team with another post on improvements for using pictures in documents in Office 2010. This time we’re looking at the improvements to cropping pictures in Word, PowerPoint, Excel, and Outlook.

When planning our new features for this version of Office, we did a lot of research to find out more about the common tasks people do with pictures in Office. Cropping was overwhelmingly the most-used bit of editing used on pictures, so one of the first things we started work on was making cropping an easier-to-use and more powerful tool.

First of all, we wanted crop to allow you to see both what you were keeping and what you’d cropped out of an image. As an example, let’s say I wanted to insert this picture in my document, but I wanted to emphasize the flower by cropping out the leaves.

To do this, I would go to the Picture Tools contextual tab and select Crop to go into cropping mode.

In previous versions of Office, when you moved the crop handles anything outside of the crop rectangle became invisible, which can make it hard to quickly find the best cropping for a picture.

As you can see below, now when you move crop handles on a picture the full picture is shown with the portions outside of the crop area grayed out.

Positioning the crop area is easier now, too. You can click on the picture and “slide” it around behind the crop frame or grab the crop frame and move it around over the picture. This makes fine-tuning what you want to be visible much easier.

Normally when you go into cropping mode the cropping rectangle starts out the same size as the original picture. We realized that there are going to be times when you want to trim a picture to a specific ratio, so we added a drop-down menu to allow you to choose the initial proportions of the crop frame.

Choosing a size will make the original crop rectangle start out at that proportion, fitted to the bounds of the picture. Note that we’ve included 16:9 and 16:10 in the Landscape section, in order to make formatting pictures to fit widescreen easier.

Once you’ve chosen an aspect ratio, the crop rectangle can then be resized freely or you can press Shift while you resize from the corners to retain the aspect ratio. Below is an example where I’ve selected the 1:1 aspect ratio.

But what if you don’t want a simple rectangle? You may know that you could apply a shape to a picture using Picture Shape in previous versions of Office. However, when you did, getting the shape oriented the way you wanted it relative to the picture was usually a matter of editing numbers by trial and error in crop section of the Size dialog.

In 2010 we’ve moved the shapes gallery to the Crop button, where making an image fit in a shape can done very easily visually by choosing Crop to Shape.

Since you can resize the shape and move the shape relative to the picture, getting exactly the result you want is now very easy.

Of course, then you can add shape effects to make the result really pop.

Another common source of frustration for our users occurs when they insert a shape and put a picture fill in it. The normal behavior is that when the picture is filled in the shape it gets squished down to fit inside the shape. We’ve preserved that as the default behavior because we know some customers rely on it not changing, but we’ve made fitting pictures in shapes easier by allowing you to use the crop mode on filled shapes, too. By going into crop mode you can manually resize the image to the proportions you want. To make things even easier we’ve added options to automatically Fill or Fit pictures into the shape. Simply click on one of these options and Fill will scale the picture to completely fill the shape while retaining the proportions of the original picture, while Fit will scale the picture so that it fits entirely within the shape. The examples below show the difference.

We’ve also enabled cropping for pictures in SmartArt graphics. If you’ve ever tried using pictures in a SmartArt graphic and been frustrated by the way the image fits, you’ll find that fixing that is much easier now. You can resize and reposition the picture to make it look the way you want. Just to make sure you don’t accidentally change the layout of the shapes in your SmartArt graphic, we lock the shape so it can’t be moved when you’re in cropping mode. You can still easily move or resize the picture shape when not in cropping mode, of course.

With all of these changes we’ve made the most common task you’re likely to do with pictures easier as well as more powerful. We’re confident that they will help you find new and more creative ways to include pictures in your documents, especially when you combine cropping with the many other improvements you’ll find in Office 2010.

Until next time…

In the meantime, we’d love to hear any questions or comments on how these features are working for you. Please let us know if there are any specific topics you’d like to see us write about.

Tucker Hatfield, Program Manager, Office Graphics

Posted: Monday, February 01, 2010 4:57 PM by OffTeam | 9 Comments

Filed under: Photos, Pictures

Check out the InfoPath "5 for forms" Video Demo Series

The InfoPath team has a great series of posts on the InfoPath team blog. If you would like to meet the people behind the product and learn about new InfoPath 2010 features, then check out our "5 for forms" video demo series. Each week a member of the product team demos a cool, new InfoPath 2010 feature or scenario in less than 5 minutes.

In this series, discover how easy it is to build powerful applications on SharePoint, using InfoPath and InfoPath Forms Services 2010 - no code required! Learn about customizing SharePoint list forms, creating mashups using the InfoPath Form Web Part, building applications that integrate with SharePoint Workflows and Business Connectivity Services, building smarts into your forms using our new out-of-the-box rules, and much, much more...

Check out the video demos that have been posted to date:

The following video demos will be posted in February:

2/4 - Create a Loan Calculator application using the InfoPath and Excel Web Parts
2/11 - Add a dynamic map to a contacts form using REST Web Service data connections
2/18 - Package and Re-use an existing SharePoint custom list
2/25 - Build an application portal using InfoPath and SharePoint Web Parts

We hope you tune in. We'd love to hear your feedback on InfoPath 2010.

Laura Harrington (InfoPath Program Manager)

Posted: Friday, January 29, 2010 8:00 AM by OffTeam | 1 Comments

Filed under: InfoPath

Business Intelligence Features in Excel 2010

The Excel team has made a number of improvements in the Business Intelligence area for Excel 2010, which have been covered in-depth on the Excel Team Blog.

First, the team added slicers, which are visual controls that allow you to quickly and easily filter your data in an interactive way. Slicers can connect to PivotTables, PivotCharts, and CUBE functions to creative interactive dashboards:

Part of an interactive Dashboard with Slicers and PivotCharts

A number of enhancements have been made to PivotTables- including the ability to modify values in PivotTable cells (writeback), more flexibility and power through named sets, and a series of other enhancements.

A new search filter is available for tables and PivotTables, which allows you to quickly navigate through large data sets.

The New Search Filter

Finally, the Excel and SQL teams have collaborated to create a PowerPivot, a powerful data analysis tool made up of two components: an add-in for Excel 2010 and a series of new features for SharePoint 2010.

"Designed for business users, PowerPivot […] delivers unmatched computational power directly within the application users already know and love — Excel. Leveraging familiar Excel features, users can transform enormous quantities of data from virtually any source with incredible speed into meaningful information to get the answers they need in seconds."

PowerPivot add-in for Excel 2010

Here's the full list of Excel blog posts about Slicers, PivotTable Improvements, and PowerPivot.

Slicers

Table and PivotTable Improvements

PowerPivot

Also, read about improvements in other areas of Excel:

Posted: Thursday, January 28, 2010 8:00 AM by OffTeam | 3 Comments

Office 2010 Technology in Action at the Winter Games in Vancouver

Over the past few months, we’ve highlighted many of the new features that will be available in Office 2010 – and many of you have downloaded the beta to try them out for yourself. In fact, as we reported at CES, more than 2.5 million of you have downloaded the beta already.

Now two other will join the beta ranks. Microsoft, along with many of you has caught the Vancouver 2010 fever and we figured what better place to try out some of the new features of Office 2010. Two bloggers, Amber Johnson Borowski and Dylan Derryberry will use the Office 2010 beta technology to blog live from the Games come February as the winners of our Office Winter Games contest.

Some of the new features these two bloggers will be using to report from Vancouver include:

The new Office Web Apps will help them easily access and share their notes, documents and work from anywhere there is an internet connection.
The Office 2010 Mobile beta, which will be available on their new Windows Phones helping them takes notes and report while on the go.
New features in PowerPoint 2010 let them embed and edit videos right within the application to create a cool presentations they can then post on their blogs.
New photo editing tools like the background removal within Word 2010, will make it easier for them to include and format photos without needing additional programs.
Co-authoring in Word 2010 can help them work with others and collaborate with people not at the games.

While there, they will use many of the features we talk about and be able to put them through their paces. Are there other features you would like for these Blogathletes to use while reporting from the Games? If so let us know. We’d love to hear your thoughts and ideas.

Posted: Tuesday, January 26, 2010 4:06 PM by OffTeam | 1 Comments

Accessing Office Documents Using Your Phone

A few weeks back we introduced Mobility in Office 2010 where we talked about Microsoft® Office Mobile 2010 (for Windows® phones) and Office 2010 Mobile viewers (for non-Windows phones). That post very briefly touched upon how documents can be accessed while on-the-go using either SharePoint® Workspace Mobile 2010 or Office 2010 Mobile viewers. In this post we will talk in more details how you can access your documents on-the-go.

Imagine you are at a café waiting for the next customer meeting – now you can access your presentation for a quick rehearsal using your phone. Or imagine you are in a taxi - now you can review & give feedback to a proposal that a colleague has uploaded on a team site. Or imagine you are at airport lounge waiting for your flight – now you can make a final edit to a shared document before you board a flight for a great vacation. Yes all this and much more is now possible using your phone with Office 2010, so let’s walkthrough how these new features can make you more productive while you are away from your desk.

Consider you are a financial consultant working in a team that specializes in financial statement preparations. You uploaded a presentation for your client that analyzes the operational result for the current fiscal year. While you are out of office you decide to do a quick review of the presentation.

Using a Windows phone to access Office documents

If you are using a Windows phone (running Windows Mobile® 6.5 or higher) then you can now use SharePoint Workspace Mobile 2010 to connect to your SharePoint server which hosts this presentation.

If you have accessed this presentation using your phone then it will automatically show up in default view of SharePoint Workspace Mobile 2010 “Recent Documents”.

However if you have not accessed this presentation but accessed your team site using your phone then that location will show up under “Recent Links” view of SharePoint Workspace Mobile 2010.

You can even browse to a new location by entering the server URL in the address bar. Tapping on any of the item in the list will take you inside that location for example if you tap on a site then it will show its content and similarly if you tap on a document library then it will show you all the documents inside that library. You can even pin any link if you want it to be always available on your phone for quick access.

So going back to the scenario, consider you got to the presentation you were looking for. You tap on the presentation name to open it in PowerPoint® Mobile 2010 application. After a quick review you decide to send the same document to your colleagues for a review, you use SharePoint Workspace Mobile 2010 for sending a link to this presentation.

Now consider that your colleague is also away and wishes to do a quick review of a document you sent. He clicks on the link in the e-mail and SharePoint Workspace Mobile 2010 opens the document in server connected mode. He reviews and replies back with his feedback on the presentation.

Using other smartphones to access Office documents

If you are using other types of smartphones (not a Windows phone) you can access your Microsoft Office documents using Office 2010 Mobile viewers.

Let’s walkthrough the different settings/features so you know how Office 2010 Mobile viewers can help you with your work when you are away from desk.

Word Mobile Viewer

Say you’ve asked your colleague to update a Microsoft Word document before sending it to customer. You’ve got your colleague’s email saying that the updates are done and a link to find the latest files. Click on the URL and the browser opens, launching Word Mobile Viewer to display the document in a format that’s suited for mobile viewing. By default, you would get text view like image #1. If you know that this document is heavy in pictures and diagrams, you can switch to image view like image #2. You can navigate the pages (next slide/previous slide) with the navigation bar at the top of the screen. Clicking on the button with Office logo on the top left hand corner would get you to the menu area enabling you to do more actions with the document. Let’s look at what features we have for Word Mobile Viewer at image #3.

There are a few features to call out from this menu area which should come in handy especially when you are working with smaller screens like a mobile phone. Using Find and Go to page you can quickly jump to the desired location in your document like you do with Word on the desktop. Alternatively, you can use Thumbnail Index (illustrated in image #4). This feature is useful when you would like to quickly browse the pages in smaller icons. Once you’ve found the desired page, you can delve right into the page by selecting the link with the associated page.

Excel Mobile Viewer

Excel® Mobile Viewer renders spreadsheets in a way that enables mobile viewing with ease by displaying a small set of rows and columns. To maximize efficiency and a consistent user experience, there are also features provided that aide you to quickly navigate to a desired location. Let’s walk through a simple scenario to illustrate navigation in the Excel Mobile Viewer.

The image below shows the menu area of Excel Mobile Viewer.

Say you are an event planner for an upcoming launch event for a new product, and just called the DJ of the event to make sure which genre of music will be played. You can use your mobile phone to access previously created Excel files to get more information. After the spreadsheet is opened in your browser, you select the menu button on top left (image #6) to go to the menu area. You then select Find, and type in the DJ’s name to search for the row with her phone number (image #7). After pressing Find, you are presented with the results as illustrated in image #8. The link on top displays the cell that the matched data is in. The text/data that matches your search characters is marked in red. Adjacent columns and rows will also be shown. If you click on the link, you will be pointed directly to that cell in the worksheet (image #9).

Another useful feature when viewing spreadsheets is Freeze Column or Row. This feature is very similar to the Freeze features available in Excel on desktop. Freeze is perhaps even handier since now you are working with a device that’s smaller in screen size. Say you want to freeze row 3 in image #6, so that no matter how further down you go in the spreadsheet, you would still be able to see this row.

First choose Freeze Column or Row from the menu area, and then select whether you want to freeze by row or column. In this case, you select row then click next (image #10). In the next page you can enter the row number you’d like to freeze (image #11). Now, the row title will always be visible while you’re viewing the spreadsheet.

Two other cool features in the Excel mobile viewer are:

Click Go to Sheet to select the sheet in workbook you’d like to open in the viewer (image #12). Clicking on “Contact” link would get you to Contact sheet directly as in image #13.

Another feature is View Charts in Current Sheet. This feature would show if there’s charts in current sheet. If you select it, you would see the chart that’s residing in current sheet (image #14).

PowerPoint Mobile Viewer

Viewing PowerPoint slide deck is similar to viewing Word and Excel so we won’t get into details on topics such as thumbnail view, find, go to sheet, next/previous slide, etc. Image#15 is the menu area of PowerPoint Mobile Viewer.

Two views specific to PowerPoint are Outline View and Slide View. You are able to switch in between the two views depending on whether you want to focus only on the text portion of the slide w/Outline view (Image#16) or if you want to be able to view the entire slide deck in general including the graphical aspect /Slide view (Image#17).

What’s most interesting about PowerPoint Mobile Viewer besides opening and viewing a file is the ability to view slides that are being broadcasted by a remote presenter (Shared Slide Show is a new feature in Microsoft PowerPoint 2010). For instance, say you are stuck in an airport lounge and a meeting is just about to start. You can use your mobile phone to open the email that’s been sent to you by presenter and click on the broadcast URL. Using this feature, you can view the slides and always stay in sync with the presenter just like if you were attending the presentation in person. (Image #18)

We hope you enjoy this post. In the next few weeks we’ll continue to introduce more mobile functionality in Office 2010.

Posted: Monday, January 25, 2010 5:12 PM by OffTeam | 5 Comments

Filed under: Mobile

Office 2010 System Requirements

Hi everyone! My name is Alex Dubec and I’m a Program Manager on the Office Trustworthy Computing Performance team. My team is responsible for compiling system requirements across Office, and I’d like to give you a behind-the-scenes look at how we determine system requirements and the hardware your computer requires to run Office 2010.

Before diving into all the details, I want to answer a question that I’m sure is on all of your minds:

Can I use Office 2010 on the same hardware I’m using to run Office 2007?

In most cases, yes! CPU and RAM requirements for Office 2010 are the same as for Office 2007, so if your computer meets the Office 2007 system requirements, you can run Office 2010. A graphics chipset will help boost the performance of certain features and disk footprint has increased (more on these points later), but as general rules:

If your current computer can run Office 2007, it can run Office 2010.
If you’re purchasing a new laptop or netbook, it can run Office 2010.
If you have a computer with a multi-core processor, it can run Office 2010 even faster.
If your computer is currently running Office 2003, it’s possible that it can run Office 2010 (check the requirements to be sure).

What do the hardware requirements mean?

First off, I’d like to explain what level of performance you can expect from minimum-requirement hardware. The minimum hardware spec is about defining the kind of computer that an average Office customer needs to have in order to have an acceptable experience performing typical tasks. This means tasks like opening up and editing a 20-page report. Tasks like creating some simple pie charts or scatterplots that highlight your findings, and putting together a few slides summarizing your results for that meeting next Tuesday. Or even tasks like writing up your blog post about system requirements. You should also be able to comfortably run two applications simultaneously.

As you might expect, more intensive tasks benefit from fast chips, more RAM, or speedy hard drives, and newer hardware makes everyday tasks faster – but the hardware requirements aren’t about making Office 2010 blazing fast, or about running several applications at once, or about crunching financial models in a giant spreadsheet. They’re simply about getting typical tasks done.

A lot of other pieces of software carry both “minimum” and “recommended” hardware requirements, and you might be wondering why Office 2010 doesn’t have “recommended” requirements. The reason for this is that customers have told us that understanding hardware requirements can be confusing, and the difference in meaning between “minimum” and “recommended” requirements isn’t all that clear. For example, if the minimum RAM requirement for a program is listed as 1 GB, but 2 GB is recommended, what does that really mean? Does the customer need 1 GB or 2 GB? By including minimums, we’ve tried to make the hardware requirements as clear as possible.

How do we approach Office 2010’s hardware requirements?

CPU and RAM requirements approximately doubled between Office 2003 and Office 2007, as you can see below:

One of the pieces of feedback we’ve received from customers is that they really, really hate having to buy new hardware every time a new version of Office is released. With that in mind, one of our goals for the Office 2010 was to make sure that the minimum hardware requirement would not increase from Office 2007. We invested in improving the customer experience on minimum-requirement hardware, and we regularly tested performance throughout the development cycle. Our footprint has gotten larger since Office 2007, but we’re proud to say that we’ve succeeded in keeping the CPU and RAM requirements the same as for Office 2007.

How do you verify the CPU and RAM requirements?

To be objective about our hardware requirements, we maintain a performance test lab of machines with the following specifications:

Intel Pentium III processor, 500 MHz
256 MB PC100 SDRAM
Windows XP Professional with Service Pack 3

I have one of these machines in my office, and when I got it I couldn’t help but laugh: it was manufactured in January 2000. Maintaining that machine and our lab becomes more challenging as time goes on – this hardware hasn’t been in production for years, and it keeps getting harder to find replacement parts when stuff breaks!

We verified our requirements using this hardware with the following tests:

We measured benchmark times for 200 typical user scenarios and 1300 additional scenarios in both Office 2007 and Office 2010. The data we collected showed that Office 2010 performance on minimum-requirement hardware is comparable to Office 2007.
Along the same lines, we tested memory use for the typical user scenarios, and found that memory use was comparable to Office 2007. Also, we never reached 100% memory utilization during our tests.
Finally, members of our team used the test computers instead of their regular desktops for a week and reported on the experience. Performance was, as you might expect, slower than on average hardware, but nobody pulled out any hair (for reference, we believe that the “average computer” has a 2.1 GHz dual-core processor and 2 GB of RAM. We collect this sort of information through the Customer Experience Improvement Program, which Peter Koss-Nobel has explained in more detail in his blog post here.)

With this data in hand, we’re comfortable with a 500 MHz CPU and 256 MB of RAM as appropriate minimum requirements for Office 2010. To give this a bit of context, some of the least powerful computers available today are netbooks, and our data suggests that the average current netbook has a 1.6 GHz CPU and 1 GB of RAM – which is significantly more powerful than our minimum requirement.

What about disk space?

We haven’t changed the CPU or RAM requirements from Office 2007, but the footprint of most Office applications have gotten larger. These changes force us to increase the system requirements – most standalone application disk-space requirements have gone up by 0.5 GB and the suites have increased by 1.0 or 1.5 GB.

There are a few reasons for these changes:

New features. New features mean more code. Also, even if you’re installing 32-bit Office, code changes to support the introduction of 64-bit Office increase our footprint.
Office-wide Ribbon implementation. In Office 2010, you’ll see the Ribbon in all Office applications.
Different suites. In the case Office Professional, the 2007 suite didn’t include OneNote; Office Professional 2010 does. Some distributions of Home and Student 2010 and Home and Business 2010 (such as the boxed retail versions) also include optional trial versions of Professional 2010 applications, which we’ve included in our disk requirements.
Conservatism. We tend to be overly conservative when drafting hard disk requirements, and we round up to the nearest GB or 0.5 GB. For example, if we measure an application’s footprint to be 1.63 GB, our requirement will be 2.0 GB. If our measurement reads 1.99 GB, we’ll make the system requirement 2.5 GB. Our requirements are larger than the actual disk space usage of the software – and we intentionally oversize them just to be safe.

What operating systems are supported?

To determine which operating systems would be supported for Office 2010, we prioritized based on usage statistics for a given OS, as well as the engineering costs associated with ensuring compatibility and providing customer support for that OS. The following charts summarize OS compatibility for Office 2010.

Table of 32-bit operating systems that 32-bit Office 2010 supports. Everything in the table is supported. Those Operating systems are Windows 7, Windows Vista SP1, Windows XP SP3, Windows Server 2008, Windows Server 2003 R2 with MSXML 6.0.

Table of 64-bit operating systems. Those Operating systems are Windows 7, Windows Vista SP1, Windows XP SP3, Windows Server 2008, Windows Server 2003 R2 with MSXML 6.0. 32-bit Office 2010 is supported on all. 64-bit Office 2010 is supported on all except Windows Server 2003 R2 with MSXML 6.0

Why is there a new graphics processor requirement?

If you’ve checked out Office 2010’s full system requirements, you’ve probably noticed the new graphics processor (GPU) requirement, and might be wondering what that’s all about. Another piece of feedback we received after releasing Office 2007 is that customers were interested in harnessing more of the potential of their PCs. Many computers in 2007 and most computers today have graphics processors separate from the CPU (this doesn’t necessarily mean a dedicated graphics card; for example, most laptops don’t have a physical graphics card, but do come with a graphics processor). If your computer has a GPU, it lets us perform graphics rendering tasks (like drawing charts in Excel, or transitions in PowerPoint) in the GPU instead of in the CPU, which parallelizes work and speeds up performance. This is particularly relevant for users of PowerPoint 2010, which will introduce some awesome new graphics and video integration features (more info at the PowerPoint team blog).

We chose to design for Microsoft® DirectX® 9.0c compliant graphics processors with 64 MB video memory. These processors were widely available in 2007, and most computers available today include a graphics processor that meets or exceed this standard. However, like our CPU and RAM requirements, this requirement is targeted for typical tasks – if you intensively use graphics features, you’ll benefit from a more powerful GPU.

If you want to verify the specs of the graphics core in your computer, the DirectX Diagnostic Tool will help:

First, run ‘dxdiag’ from Run. This will bring up the Diagnostic Tool.
Click on the Display tab: the DirectX version your graphics processor is using is listed next to ‘DDI Version’.
Unfortunately, the Diagnostic Tool does not list your video memory, but the Device information on the Display tab will help you find the manufacturer’s specifications for your device.

Again, to put this requirement in context, the graphics chipsets in many netbooks are capable of using up to 224 MB or 256 MB of memory – which greatly exceeds our system requirement.

What if I don’t have a graphics processor that meets the requirement?

If you’re interested in upgrading from Office 2007, and you don’t have a GPU that meets the requirement, don’t worry – you can still use Office 2010. A graphics processor that meets or exceeds the standard will help speed up some of the graphics features you’ve used in earlier versions of Office, and it will help you use advanced transitions, animations, and video features new to PowerPoint 2010. We think a graphics processor will enhance your Office 2010 experience, but again, if your computer doesn’t have one, you can still run Office 2010.

It will come as no surprise that the performance of Office 2010 benefits more RAM, a faster CPU, or newer hardware. If you’re looking to buy a new computer, or if you’re running Windows Vista, Windows 7, or Windows Server 2008, you probably already have a machine that far exceeds the minimum requirements for Office 2010 (although you should check first, just to be safe). That said, I hope that I’ve given you some insight into how we develop system requirements and what they represent. Thanks for reading!

Posted: Friday, January 22, 2010 4:31 PM by OffTeam | 35 Comments

Filed under: Performance

A Few Announcements

Just in case everyone hasn’t seen the exciting news, today we announced a new concept test prototype for Office (Word, Excel, and PowerPoint) called Ribbon Hero. Ribbon Hero explores a new approach to Office training that’s designed to deliver a fun, engaging experience to aid users in exploring the features available in Office. Unlike traditional training, Ribbon Hero presents a game-like environment for learning and lets users compare their scores and feature usage on Facebook. Head over to the Office Labs blog post to read more about Ribbon Hero and try it for yourself!

On a different note, the Office International blog just made a post listing several Technet articles that help customers who are planning to deploy Office 2010 with multiple languages. Check out the details here.

Enjoy!

Posted: Wednesday, January 20, 2010 12:13 AM by OffTeam | 2 Comments

Product Planning in Office 2010

My name is Scott Gordon – I am the Group Product Planner for the Microsoft Business Division. My team and I work closely with the Office engineers to represent the voice of you, our customers, in the product development cycle.

How do interactions with customers represent your voice in our product development efforts? Our approach reminds me of an experience a friend of mine had a while ago as a SCUBA instructor. He was asked by a team of animators how to SCUBA dive. They were preparing to create a film about creatures under the sea but no one on the team had actually been under the sea. They wanted to experience what that was like first hand, so my friend taught the animators of Pixar’s Finding Nemo how to SCUBA dive.

In many ways our job is to provide a similar experience for the engineering teams in Office. Perhaps not as thrilling as diving with clown fish, turtles, and sharks, nonetheless, one of the best parts of my job is learning more about how our customers use our products. As a result, I spend a fair amount of time traveling to meet with, talk to, and learn from our customers.

In my travels, I have toured plants and sat with automotive engineers creating new concept cars. I have seen how new commercial airliners are built. I have talked to doctors who collaborate with their colleagues to determine the cause and, more importantly, the treatment of difficult or complex diseases. I have seen the load of a public school teacher trying to help their students learn and keep pace with our fast moving world and think about how technology could play a larger role in the classroom.

These and many other scenarios are what product planners investigate, analyze, and evangelize with our engineering teams in order to make a product that meets the needs of 100s of millions of people the world over.

There are a variety of tools we use. Focus groups, surveys, ethnographic inquiry, customer interviews, and advisory councils are just a few of the ways we gather real-world data and experiences to incorporate into our scenarios, designs and, ultimately, the product.

One example of how these planning tools help take features from an idea to code can be seen in our new rich media enhancements in PowerPoint. Through customer usage analysis, we knew that over 50% of PowerPoint users included photos in their presentations and providing in place editing tools was a popular request. We were a bit surprised to learn that almost 20% of people were using more advanced capabilities like flash, video and animations. This trend spotting led us to conduct habits and practices research where we started to observe the scenarios and behaviors around the whole concept of rich media.

Next, we studied and prioritized the most commonly used and popular editing features. We interviewed customers to learn more context behind their usage. We discovered that removal of the background in an image was a big need.

Once we determined the list of requirements for making rich media great in PowerPoint, our designers and engineers went to work to determine the best user experience. Since software development is just as much an art as it is a science, it takes a lot of creativity to solve tough problems. Many times there are multiple ways to approach a scenario and improve upon or solve a particular task at hand.

In order to determine the best designs we test these concepts in a controlled environment. Much like my friend who first teaches new divers to breathe under water in a swimming pool (a controlled environment) before introducing them to the open water, planners test these concepts before we introduce them in a broad way to the world. Have we sufficiently solved the problem? Does the solution work effectively, save time, and ease the burden for the customer? We work closely with our colleagues in Design and User Research to ensure customers not only see the value of the concept but also know how to use the software.

Once we had our initial concepts, the next step was to take several of those concepts, built by our engineering team, to a test market of PowerPoint users and see what they liked and didn’t like. The data came back and showed we had found the right balance of simplicity versus functionality. Today, we are excited for you to use the many new and exciting rich media features in PowerPoint 2010 including the top requested feature Background Removal.

This is just one of many examples of how the voice of the customer guided the development efforts of Office 2010. In fact, during this past product cycle, the product planning team has spent over half a million person hours conducting similar types of customer research all over the world. We have engaged tens of thousands of customers across the United States, Europe and Asia.

Of all these customer interactions my personal favorite was a trip to a hospital on the East Coast of the United States. As part of my visit, I met with the Chief Technology Officer who talked to me about how Office and SharePoint were being used to bring doctors together from all over the country to collaborate on difficult patient cases. He shared his vision about how, in the future, patient information could be shared more effectively to more accurately and quickly diagnose symptoms. How doctors could communicate, collaborate and visualize patient information to more accurately and effectively diagnose these difficult cases. He had a list of wishes that our software could provide in the future. I feverishly took notes as he explained his list. I was inspired by the passion and sense of urgency this technologist had to put a better system in place to help his doctors and patients.

As we left his office and walked back to the lobby, a young, bald-headed boy in a hospital gown passed us in the hall, most likely on his way for more tests and treatments for his disease. Suddenly, I understood the technologist’s sense of urgency in a much more real way. This wasn’t just a better way to build cars or airplanes or process court orders, as important as those things are; this was a matter of life and death and our software played an important role and could play and even greater role in the future.

I am personally excited to see how our new Office Web Apps, Co-Authoring capabilities, data visualization, OXML, BCS, and SharePoint Workspaces will be used to help the Chief Technology Officer realize his vision.

I look forward to the opportunity to discover other ways we can continue to improve the lives of our customers. Download and try the beta; after all, you were a big part of helping us build Office 2010.

Posted: Monday, January 18, 2010 11:40 AM by OffTeam | 7 Comments

The New Slide Show in PowerPoint 2010

Lately, the PowerPoint Team has been writing a lot about the new slide show experience. Transitions, animations, and video will look better and run smoother in PowerPoint thanks to the brand new rendering pipeline that ships with PowerPoint 2010. This recent post highlights the differences between this new, hardware-accelerated engine and the old engine that runs in PowerPoint 2007:

The purpose of this upgrade is to enable you to create more visually stimulating slides and tell a more compelling story. The new rendering engine also serves as a platform on which we can build more complex and interesting animations in the future. Here are a couple of blog posts with example presentations that show some of the new features in action:

Visit the PowerPoint Team Blog to learn more about the upcoming release! Here are some of the other great features they’ve been talking about:

Broadcast Slide Show

PowerPoint Co-Authoring

PowerPoint Web Viewer

PowerPoint Web Editor

Export to Video

The New Multimedia Experience

Media Compression and Optimization

Trimming Media

Enjoy!

Posted: Tuesday, January 12, 2010 5:12 PM by OffTeam | 2 Comments

Office 2010: Accessibility Investments & Document Accessibility

My name is Larry Waldman -- I am a Program Manager on the Office User Experience team and have been working in this role to make Office more accessible for almost 5 years. When users of Office hear that Microsoft has many people working specifically to make our products more accessible to people with disabilities, many express surprise. With such a broad customer base, we recognize the importance of considering accessibility impact in every feature we build. For example, check out this article I wrote about Accessibility and the Ribbon in Office 2007.

Upon starting our research for the 2010 release, we knew it was important to continue our accessibility focus (see Microsoft Accessibility for more info) and ensure that Office 2010 is the most accessible version of Office ever. Not only are accessibility improvements garnering increasing attention from governments, but accessibility improvements provide broad usability improvements and as such are becoming a key area of focus for the software industry in general. With that in mind, we planned Office 2010 with two key accessibility pillars:

Improve Office’s interoperability platform to make it easier for assistive technologies (like screen readers, for example) to build features for their users. This includes our web products like SharePoint.
Provide several easy-to-use, powerful features built directly into the product that ensure users around the world are able to reach their full potential.

Providing detail on all of Office 2010’s accessibility improvements can’t be done in a single blog post, so I’m going to focus today’s discussion on Office 2010’s new document Accessibility Checker feature. I’ll end the post with a few high level bullets of other accessibility features that we might discuss in the future.

Understanding Document Accessibility

While user interface accessibility has been well understood for years, the accessibility of Office document content is a burgeoning new area. In particular, we’ve seen many requests from companies and governments who have been wondering how to help their employees create accessible content. To solve this problem in Office 2010 we created a document Accessibility Checker (like a spell checker, but for accessibility issues) as a core feature of Word, Excel, and PowerPoint.

We started by examining the most common accessibility problems in Office documents and bucketing them in terms of their severity – we ended up with three categories:

Issues where content is unreadable. For example, a picture missing alternative text (alt text provides a text based representation of an image) is unreadable to a person who is blind.
Issues where content is difficult to read. In general, these issues are less severe than unreadable content – for example, if an author has created a data table and used complex formatting to alter its presentation (i.e. using blank rows or columns, or merged and split cells), then a person with a disability might have difficulty understanding content in the table.
Issues that may or may not make content difficult to read. In our explorations, there were a set of issues that potentially cause users with disabilities difficulty for which we don’t have a high confidence, automatic way to determine whether the issue is really a problem. For example, knowing whether or not the reading order of objects on a slide or cells in a layout table is optimal for a particular reader falls into this bucket.

Based on these three categories, we came up with a set of issues our checker looks for (described in more detail below) – when presented to the user, they are bucketed into “Errors”, “Warnings”, and “Tips” – these buckets correspond to the above three descriptions.

Using the Accessibility Checker

One of our key principles for Office 2010’s accessibility checker was to make the feature available out of the box for all users – in a way that’s integrated with the authoring workflow. Rather than force users to remember to run the accessibility checker before sending a document, we integrated accessibility results directly into the Backstage view. Anytime you click the File tab and view the Info place, accessibility information will be provided under the Prepare for Sharing header. Prepare for Sharing is described more generally in this Backstage view blog post, but this is the place in the UI where authors go to ensure their file is ready to be shared with other readers; they can check for hidden information, metadata, and now accessibility issues.

To receive more detailed information (including what issues were found, why they are issues, and step-by-step instructions as to how to fix each one), users can click ‘Check for Issues’ and then click “Check Accessibility”.

This will close the Backstage View and open a task pane so you can interactively find and fix the issues in your document. In addition to the screenshot below I’ve provided a detailed textual description of how to use the checker and how its UI is represented to screen readers.

Text description of the Checker Task Pane

The task pane has two main UI sections.

The top section is a tree view control (with each tree item navigable via arrow keys). Each “violation type” (missing alt text, no table header row, repeated blank characters, etc…) is an item that is collapsible.

When showing, each violation type contains one or more violations – these are represented to screen readers as children of the parent “tree items”. Each leaf is key focusable. For example, if you have two pictures that are missing alt text, they will be two violations under the “Missing Alt Text” node – each can be selected. When a violation is selected, the document will scroll to and select the problematic content.

Where possible we try to name each violation with a meaningful name (for example “Picture 1”) – And in PowerPoint or Excel you’ll find that we also try to provide what slide/sheet the object is on. Note – the violation types are grouped into “Errors”, “Warnings”, and “Tips” – These headers separate the tree items in the view, but they are not collapsible themselves. The group headers are also not key focusable.

When you select an issue in the top part of the pane, the bottom of the task describes how and why to fix it. Just above this bottom section is an “expand/collapse chevron” that allows a user to collapse the bottom pane.

All of the text in the bottom pane section is represented to a screen reader as one big pane with static text. When focus is on the pane, it can be scrolled using ctrl+up/down and pageUp/pageDown. Finally, there is some explanatory text and a more info link at the bottom of the pane if users need more help.

What exactly do we check for?

When Office 2010 ships there will be full documentation provided that details each violation the checker will scan for. In the meantime, here is a quick list of what we check for in each Office application – you can download the Beta and try out the Accessibility Checker with your files to see more details for the issues your content has. The top box for each application contains Errors, the middle contains Warnings, and the bottom contains Tips.

While we’ve tried to include as many accessibility issues as we can for Office 2010, we do recognize that there are still accessibility issues we don't yet check for. If you have a particular issue that didn’t make it into this release, please feel free to leave us a comment on this post and let us know things you’d like us to consider for the next version.

As part of our documentation process we’ve provided Assistive Technology Vendors with details about how they can use the Office accessibility platform (including our Object Model) to ensure they optimally read back Office content for their users.

For organizations that are concerned about compliance for employees, we’ve provided several group policy settings that can be used to customize exactly which accessibility violations are checked. Administrators can also increase the visibility and emphasis of the Prepare for Sharing information when there are errors or warnings. Finally, IT departments can leverage Office 2010’s UI extensibility to enforce a workflow that requires users to run the checker – this will help many corporations reduce the risk of employees creating inaccessible content and increase the amount of accessible information available to people with disabilities.

Other Office 2010 accessibility highlights

While this post has drilled deeply into the new document accessibility checker, here are a few other highlights we’ll be considering blogging about in the future. Feel free to leave comments and we’ll be sure to drill into what you’re most interested in.

Increased Platform Support and Interoperability: Office is reliant on a complex network of Windows Assistive Technology (AT) to provide the best experience for users with all types of disabilities. Office 2010 incorporates User Interface Automation (UIA) platform support into many new features including, for example, the Ribbon, Backstage View, and Outlook message list.
Improved Web Accessibility: The W3C recently introduced its Web Content Accessibility Guidelines 2.0 (WCAG 2.0) as a standard on which web application accessibility could be judged. Achieving WCAG 2.0 AA conformance has been a key tenet of the development of Office server products, including SharePoint Server, the Office Web Apps, InfoPath Forms Services, and other tools. With this release we’ve moved beyond “basic conformance” for our web tools and invested in new usability features and UI like the Ribbon to ensure all users have an intuitive, easy-to-use experience with Office’s presence in the browser.
Continued Focus on Efficiency and Usability: Despite such a large focus on interoperability platforms and standards, we’ve also continued our focus on making features easy to use. In addition to the Backstage View, Outlook Quick Steps (user friendly ways to automate repetitive Outlook tasks), and new language translation capabilities, we’ve also provided new keyboard shortcuts. For example, you can use ctrl + right/left in the Ribbon to keyboard through command groups, and you can now resize and rotate shapes in PowerPoint with one keyboard shortcut (shift + right/left/up/down resizes, and alt + right/left rotates – you can use ctrl with both for more fine grained adjustments).

The release Office 2010 is groundbreaking on many levels. Not only are we delivering features to users that provide a great accessibility experience across the PC, the Web, and the Phone, but we have continued to enhance our platform interoperability and commitment to AT Vendors. Hopefully this look at accessibility is useful – please let us know via the comments if you have questions or would like more information on a particular topic.

Larry Waldman, Program Manager, Microsoft Office

Update: Nick Simons just blogged about accessibility and the Office Web Apps. Check it out at http://blogs.msdn.com/officewebapps/archive/2010/01/18/9949907.aspx.

Another update: Diana Kimball just published a quick blog about accessibility and PowerPoint. Check it out at http://blogs.msdn.com/powerpoint/archive/2010/01/26/behind-the-scenes-accessibility-in-powerpoint-2010.aspx.

Posted: Thursday, January 07, 2010 8:00 PM by OffTeam | 25 Comments

What the Office team will be talking about at CES

Heading into the new year, the Microsoft Office team is motivated more than ever by what we’re hearing about customers’ experiences with Office 2010. Many people think Office is just for the workplace, but millions of people are using Office at home, at school and for their small businesses to get things done. For instance:

According to the NPD Group, Office Home and Student was the number one selling PC software product -- including games! -- at retail in the U.S. during the week of Black Friday 2009.
Office Home and Student was one of Amazon.com’s top 3 Hot Holiday Bestseller software products in 2009.

Meanwhile the Office 2010 beta is generating record interest and use, surpassing the previous Office 2007 beta download rate. In just seven weeks, more than two million people around the world have downloaded and are using the Office 2010 beta. To get a better appreciation for that number, it’s a rate of more than 40,000 downloads per day. That’s approximately twice the number of people who run the Boston Marathon each year, or the entire population of Olympia, WA, or Annapolis, MD, downloading the Office 2010 beta every day!

Most importantly, 9 out of 10 beta users feel that the Office 2010 beta is an improvement over their current productivity suite.

How much will Office 2010 cost?

In addition to the great momentum statistics, we are also releasing Office 2010 U.S. retail pricing today. Office 2010 will be offered in four versions, to make it easier to choose a version of Office that’s best for you – Office Home and Business, Office Professional, Office Home and Student, and Office Professional Academic. Here’s a chart that outlines the features and pricing for each version.

Version	Boxed Product	Product Key Card
Office Home and Student	$149	$119
Office Home and Business	$279	$199
Office Professional	$499	$349
Office Professional Academic	$99	N/A

Office Home and Student boxed product is available in a Family Pack, allowing usage on three PCs in one house
Purchase rights for Office Home and Business, Office Professional, and Office Professional Academic boxed product allow for usage on two of your PCs.
The Product Key Card is valid for a single installation of the product.

Or click here to download a more detailed guide to each edition.

We’re committed to making Office 2010 the best productivity suite ever, and making it easier for everyone to try, buy and use Office.

Rachel Bondi, General Manager, Microsoft Office

Posted: Tuesday, January 05, 2010 5:59 AM by OffTeam | 43 Comments

Filed under: Licensing, Beta

Volume Activation Tips and Tricks

Hi again, I’m Ted Way, program manager for Office 2010 volume activation. Last time I posted to this blog, I talked about KMS and MAK as two activation methods for the enterprise. If you’re planning on deploying Office 2010, Windows (7, Vista, Server 2008 R2, Server 2008), or a combination of these, you’ll be happy to know that the activation technologies are essentially the same. The same KMS host running on Windows Server 2008 R2, volume editions of Windows 7, or Windows Server 2003 can activate both Windows and Office, for example.

In this post I’ll show screenshots of the end-user experience if activation was not successful. In addition, I’ll share some tips and tricks on how to manage your volume editions of Office and activation so your time can be spent on checking out all the cool new features in Office 2010. Your end-user does not need to know anything about activation because everything is happening behind-the-scenes.

End-User Notification Experience

For volume editions of Office, users will not see any reminders to activate the first 25 days after installation. However, if activation is not successful, then users will see notification dialogs every time they launch an Office application from day 25 to 30 post-installation. An example of these notification dialogs is shown below. If the user closes the dialog, he or she will still be able to fully use all the features in Office.

If Office still has not been activated 30 days after installation, users will see notification dialogs every time an Office application is started. In addition, the title bar color will change to red as shown below. These visual indicators serve as reminders that users need to activate.

Going to the Backstage view by clicking File tab | Help will be the quickest way to check licensing status:

If you’re using volume editions of Office 2010 Beta and you haven’t activated, take a look at this page for help.

How to Quickly Set Up a KMS Host

If users are seeing the above notifications to activate, you can set up a KMS host in just minutes by following the directions on the KMS host set up page. Once the KMS host is set up, the KMS clients automatically find the host on DNS and activate themselves against it. This is transparent to the end-user.

Sanjay Garg, a developer of the Office Software Protection Platform focused on enterprise licensing, suggests, “Once a KMS host is activated, make sure you allow the Key Management Service through the Windows Firewall. That way the KMS client requests can get through to the KMS host.”

How do you know whether your KMS host has been successfully activated? On your KMS host computer, open an elevated command prompt and run this command in the Windows\system32 directory.

C:\WINDOWS\system32>cscript slmgr.vbs /dli

You should see the output below. Note the “Licensed” status, meaning you’ve activated your KMS host. When the “Current count” >= 5, then KMS clients will begin activating the next time they request activation.

Name: Office(TM) 14, Beta1ProPlusKMSHost edition
Description: Office(TM) 14 KMS, VOLUME_KMS channel
Partial Product Key: TCDMC
License Status: Licensed
Key Management Service is enabled on this machine
Current count: 6
Listening on Port: 1688
DNS publishing enabled
KMS priority: Normal

Here at Microsoft we have an internal KMS host running on a Windows Server 2008 R2 VM. If you are running Windows Server 2008, consider using a VM of Windows Server 2008 R2 or Windows Server 2003 as your KMS host. The Microsoft KMS host is handling all of our internal Windows AND Office 2010 activation requests. Since the host was set up earlier this year, it’s received 250,000 initial activation requests and 135,000 re-activation requests from licensed Office KMS clients. It’s also received and processed hundreds of thousands of additional requests for Windows client and server activation.

An administrator in Microsoft IT shared his experience: “We configure the server to auto publish in all the internal domains via reg key and we secure the _vlmcs._tcp DNS record in all domains by only allowing a specific security group to update it. We add the KMS servers to the security group as part of the standard KMS build process. Also part of the standard KMS build process we request an IPsec exemption for the servers, because we allow our unmanaged clients (labs, non-domain joined, etc) to activate.”

Ospp.vbs

This handy script is helpful for performing local and remote licensing operations for Microsoft Office 2010. You can find it in the “%ProgramFiles%\Microsoft Office\Office14” folder. For 32-bit installs of Office on 64-bit operating systems, look for it under the “Program Files (x86)” folder. Keep in mind ospp.vbs is the script to configure the Office 2010 client, while slmgr.vbs is used to configure the KMS host and Windows installations.

To run this script, open an elevated command prompt by clicking the Start button and searching for “cmd” in the search box. Right click on the command prompt window and select “Run as administrator.” Go to the directory with this command:

cd “%ProgramFiles%\Microsoft Office\Office14”

You can see the options that are available by typing:

cscript ospp.vbs -?

Richard Moloney, the developer of this script, says a useful benefit after setting up a KMS host is using the -act and -dhistory commands to verify the Office client is finding the KMS host and successfully activating. He suggests, “If you’re setting up a KMS host, you can manually trigger and verify successful activation. You don’t need to wait 25 days until notification dialogs start popping up to start troubleshooting.”

Trigger activation and view the KMS activation history by running:

cscript ospp.vbs –act
cscript ospp.vbs –dhistory

For MAK activation, one common task would be to check the status of your computer, install a Professional Plus Beta MAK key, and trigger activation. Run these commands (if you’re pasting these commands, you may need to change the long dash to a short dash). In this example, note that when you run the –act command, you’ll be triggering MAK activation, which goes to Microsoft’s activation servers, not your KMS host.

cscript ospp.vbs –dstatus
cscript ospp.vbs –inpkey:22HGX-728MX-BBWX9-7BB8X-J96B4
cscript ospp.vbs –act
cscript ospp.vbs –dstatus

What if you got an error code? You can easily get the error description with this command specifying the error code:

cscript ospp.vbs –ddescr:0xC0020017

You can even run this script to check the status or trigger activation of a remote computer. Just provide the computer name and login credentials:

cscript ospp.vbs –act <remote computer name> <username> <password>

This brings me to the next section: how would you remotely manage and activate multiple computers quickly?

Volume Activation Management Tool (VAMT) 2.0 Beta

To remotely manage volume editions of Windows and Office 2010 in your organization using a GUI tool, download VAMT 2.0 Beta. VAMT 2.0 allows you to get an overview of the licensing status of both Windows and Office 2010 installations.

For VAMT 2.0 to manage client computers, make sure you make an exception for the Windows Management Instrumentation (WMI) on the client computers. Go to Control Panel –> Windows Firewall -> Allow a program through Windows Firewall. If you are managing Windows XP machines running Office 2010, see this article for more information. I’ve included a screenshot of VAMT 2.0 with my two computers:

I can monitor my desktop and laptop, in addition to any other machines I have access to. Both have Windows Vista and Office 2010 applications installed. Under “Product Key Type,” GVLK is the generic volume license key, which is the KMS client key. On my laptop, I have the MAK key installed from the activation page.

If I right click on my computer name, I can install product keys, trigger activation, or even do proxy activation through VAMT 2.0. Proxy activation is a method of activating multiple machines with Office 2010 that have a MAK key installed. This would be helpful for computer networks that are not connected to the Internet, or if you want to MAK activate multiple machines at once for your sales team, for example.

Questions?

If you have any questions, check out the Office 2010 Volume Activation resource center on TechNet. There’s a great video that gives an introduction to KMS and MAK along with more in-depth documentation.

If you have any specific questions, post it to our forum at http://social.technet.microsoft.com/Forums/en/office2010volact/threads and our team will do our best to address them!

Posted: Friday, December 18, 2009 6:06 PM by OffTeam | 19 Comments

Filed under: Licensing, Activation

Office 2010 File Validation

Howdy, I’m David B Heise and I work on the Office Security team responsible for testing Office File Validation (codename: Gatekeeper). There have been some misconceptions about the new file validation feature in Microsoft Office 2010 and I hope to clear these up and explain the why and what.

Why Validate Binary Files?

Throughout the years the office binary formats have necessarily evolved and grown in scale and complexity. The reasons why the formats are complex have been discussed sufficiently elsewhere (see Joel Spolsky's article here) so we won’t go into that discussion here, however these binary formats are very well documented here. We have found that malicious attackers use the binary files as an attack vector to infect a targeted user, as such we wanted to come up with a way to stop this from happening. One thing our team has been doing is whenever a new Office file format attack is reported to Microsoft we have been checking it with our validation to see how well we’re doing. So far, so very good!

What is The Gatekeeper?

Office File Validation is a feature that was originally introduced in Publisher 2007 to validate Publisher’s PUB files. It verifies that a particular binary file conforms to the application’s expectations. In Office 2010 we’ve expanded this feature significantly to include binary formats for Word, Excel, and PowerPoint. Please note that this feature is for binary formats ONLY (i.e. PUB, DOC, XLS, PPT, etc), this does not validate the XML based documents (i.e. DOCX, XLSX, PPTX, etc), nor does it validate macros or other custom items. What it does validate is the structure of the file, for example if you have a XLS file that has a FONTINDEX structure with the ifnt value set to 4 (which is an invalid value for that particular item) then it fails validation.

How Does It Work?

Whenever an un-trusted binary file (i.e. not in a trusted location and not a trusted document) is loaded by Word, PowerPoint, or Excel it goes through a check to see if it is a valid file. This check looks at the specific bits of the file that the application is about to parse, in other words the relevant OLESS Streams. If it is determined to be valid, it opens as normal, nothing to see…move along…move along. However if it is found to be invalid, it is sent (by default) to the Protected View.

If you click on that text you will be taken to the Backstage view where you will have the option to open the file in the full application experience. Please note that this is a trust decision that will mark this particular file as a trusted file, and as such, will NOT be validated the next time you open this file.

After you’re done with the file and close the application you may see a prompt like this:

This prompt only appears at most once every two weeks (per application) and gives you the option to send the failing file (or files) to us via Windows Error Reporting. Of course you can remove a file or two if you don’t want to share that information, but by sending us the file we can analyze it further to improve Office File Validation.

How do I control this?

Via Policy

We realize that many administrators (or security conscious users) may not like the idea of opening a file that fails validation, so there is a group policy to control the default action when a file fails validation. These policies are located under the application’s “Options\Security\Trust Center\Protected View” in the group policy templates and it is a per application setting.

Via the Registry

There are several registry keys that control various aspects of Office File Validation.

Common Keys

HKCU\Software\Microsoft\Office\14.0\Common\Security\FileValidation \ReportingInterval - This is a DWORD that controls the number of days between the showing of the dialog to send files to Windows Error Reporting.

HKCU\Software\Microsoft\Office\14.0\Common\Security\FileValidation\DisableReporting - This is a DWORD that if set to 1 will disable the showing dialog (and thus the sending of files) to Windows Error Reporting.

Application Specific Keys

For these examples I’m going to use “Excel”, but these also work for “PowerPoint” and “Word”

HKCU\Software\Microsoft\Office\14.0\Excel\Security\FileValidation\EnableOnLoad – This is a DWORD that if set to 0 Office will not validate files.

HKCU\Software\Microsoft\Office\14.0\Excel\Security\FileValidation\DisableEditFromPV – This is a DWORD that if set to 1 will not allow files to be edited that fail validation.

Excel Specific Keys

HKCU\Software\Microsoft\Office\14.0\Excel\Security\FileValidation\PivotOptions – This is a DWORD that controls specific options around validating pivot caches (for performance reasons) in files that have them.

0 = Never validate any pivot cache
1 = Validate the pivot cache in the following cases: (1) file is opened from the internet, and the platform marks the file locally as having come from the internet. (2) The file is a Microsoft Outlook email attachment. (3) The user specifically opened the file in protected view. (4) The file is opened from a known "unsafe location" locally where internet content is cached, and any special user-defined untrusted locations, unless protected view unsafe locations are disabled via (a different) registry key. (5)The file is opened and the pivot cache is parsed on load.
2 =Always validate all pivot caches

Via Scripting

For custom solutions built on top of Office there are a few interesting properties that have been added to the Application Objects that will disable file validation for that session. There is also an extra option for Excel to control the validation of Pivot Caches (i.e. the file cached data for pivot tables and charts). Here’s a powershell script example showing how to set these two options for Excel (but the FileValidation property would also apply for Word and PPT):

$excel = New-Object -comobject Excel.Application
# valid values are:
# msoFileValidationDefault = 0
# msoFileValidationSkip = 1
$excel.FileValidation = msoFileValidationSkip
# valid values are:
# xlFileValidationPivotDefault = 0 (do whatever you’d normally do, i.e. follow registry & default settings),
# xlFileValidationPivotRun = 1 (validate all pivot caches),
# xlFileValidationPivotSkip = 2 (don’t validate any pivot caches)
$excel.FileValidationPivot = xlFileValidationPivotSkip

That’s great, but does it Cook?

We have made specific strides to ensure that file validation is very fast. Yes, it now takes more time to open a file, but we’re generally talking milliseconds more. In fact, you’d be hard pressed to find a normal sized file that takes more than a second to validate, most files validate in the 1 to 100 milliseconds range. Of course if the file is huge and super complex and takes an hour to open already…then yes it will take more than a second, but you probably aren’t going to notice anyway. In addition to that if the file takes more than 5 seconds to validate (so we’re talking very complex files here) we give you the option to cancel and go straight to the Protected View. After all we couldn’t just let you open it normally because then hackers would just make a file that was really complex…then take over your machine, which is exactly what this feature is trying to stop.

In addition for any file that takes a long time to validate (if it passes validation, fails validation, or validation is skipped) will also be shown the same Windows Error Reporting prompt as a failing file; giving you the option to send us the file for further analysis.

In a Nutshell

In talking with the developers one day we imagined a conversation that went like this:

“So what have you been working on?”

“Office File Validation”

“What’s that?”

“A check on an Office file to make sure it’s ok”

“So, you spent the last two years writing a Boolean function?”

“Well…um…yes, but it’s an important function!”

At the end of the day the Office File Validation is really just a Yes/No function to inform the application if a file is valid or not, but that’s a really important function! In fact is also a really complex function, as anyone who’s ever even peeked into the file format specifications can attest. So there you have it, in a nutshell. Office File Validation will check your binary file to ensure the significant bits of your file are valid, and if you think we’re wrong you can either trust the file or let us know!

Posted: Wednesday, December 16, 2009 2:52 PM by OffTeam | 18 Comments

Question	Data used	Results
How many users would this impact?	Command Usage: % of users using it % of sessions in which it’s used # of times users used it in total # of times users used it per session	Paste is used by almost every user in almost every session of Word. In fact, it occurs more frequently per session than other related commands…like Cut or Copy.
How are Paste and Paste Recovery being used?	Feature Usage: Paste. Knowing we would always want to understand more about how people paste, we had instrumented the Paste feature to count the number of times it was used in different contexts. Paste Recovery. This is the little on-object UI (OOUI) widget that appears after you paste. Analyzing its use helps us understand the final format of many pastes.	The result was the chart above. Note how frequently content is pasted from a different document or different application—those sources probably have different formatting, explaining the need for the additional formatting options provided by Paste Recovery.
How do users get to the commands?	Command Usage: # of times it is accessed from the ribbon, from its shortcut (Ctrl-V), from the right-mouse menu, from the Quick Access Toolbar, etc.	Predictably in Word, the most frequent is Ctrl-V by a wide margin, with the right-mouse menu next. We used this data to explore 1) improving the ease of access, the contents, and the interaction model of the Paste Recovery widget for keyboard users; 2) putting the Paste options directly in the right-mouse menu, for those users who are accustomed to pasting via the context menu; and 3) we also thought about how we can expose the improved Paste experience in the Ribbon. After iterating on several designs in the usability lab, you can see the result in the Office 2010 Ribbon, right-mouse context menu, and the Paste Recovery OOUI widget:
What do people do after they paste?	Command Usage: List of the most frequent commands which follow Paste.	Other than continuing to type, the most frequent commands relate to formatting (changing font size, color, appearance). The next most frequent are another Paste or an Undo. We used this data to understand what options needed to be available in the Paste Recovery options. It also clearly signaled that people are not satisfied with Paste results since they were often making “manual” formatting changes (or undoing the action) immediately after pasting.
Which Paste Recovery options are most used? Do we have the right defaults?	Feature Usage: % of times each Paste Recovery option is chosen. % of times different Paste Recovery options are evaluated but not chosen.	The result was the chart above. It shows how frequently each Paste Recovery option is used. KeepSourceFormatting is the default and comparing that to the number of times Paste is used versus number of times Paste Recovery is used, we have the right default. Note that the other options in the Paste Recovery widget are arranged in order by frequency:

Recent Posts

Tags