Hardening Ms Office

CMLew

CMLew

Level 23
Thread author
Verified
Well-known
Oct 30, 2015
1,251
3,294
2,169
Singapore
I happened to read this article from Australia Govt site (?) related to cybersecurity. And one of them is hardening Ms. Office.

Hardening Microsoft Office 365 ProPlus, Office 2019 and Office 2016 | Cyber.gov.au

Workstations are often targeted by adversaries using malicious websites, emails or removable media in an attempt to extract sensitive information. Hardening applications on workstations is an important part of reducing this risk.
www.cyber.gov.au www.cyber.gov.au

Wondered if anyone tried that?
 
  • Like
Reactions: Zartarra, Protomartyr, KonradPL and 7 others
CMLew said:
I happened to read this article from Australia Govt site (?) related to cybersecurity. And one of them is hardening Ms. Office.

Hardening Microsoft Office 365 ProPlus, Office 2019 and Office 2016 | Cyber.gov.au

Workstations are often targeted by adversaries using malicious websites, emails or removable media in an attempt to extract sensitive information. Hardening applications on workstations is an important part of reducing this risk.
www.cyber.gov.au www.cyber.gov.au

Wondered if anyone tried that?
Click to expand...

Simple solution: AndyFul/Hard_Configurator
 
  • Like
Reactions: Protomartyr, KonradPL, Andy Ful and 7 others
When on Windows 10
1. Install ConfigureDefender and enable all Windows Defender ASR rules
2. Open TrustCenter in Office and disable
- use of macro's
- use of active X
- use of Add-ins
- set trusted folders to your Documents (and data partitions)
3. Add all Office executables to Windows Defender Exploit protection and enable Code Integrity Guard
 
  • Like
  • +Reputation
Reactions: Protomartyr, KonradPL, Andy Ful and 3 others
If you do not use H_C and ConfigureDefender, then you can tweak Office applications or use Windows Policies to:
  1. Disable macros (Word, Excel, PowerPoint, Access, Publisher, Outlook).
  2. Disable access to Visual Basic Object Model (Access, Excel, PowerPoint, Word).
  3. Disable auto-update for any linked fields (including DDE and OLE in Word, Excel, Outlook, OneNote).
  4. Disable ActiveX (Word, Excel, PowerPoint).
  5. Disable OLE (Word, Excel, PowerPoint).
  6. Disable ‘RunPrograms’ option for action buttons in PowerPoint.
  7. Disable automatic download of linked images in PowerPoint.
  8. Disable TrustBar notifications in (Word, Excel, PowerPoint).
All of this can be also done via Documents Anti-Exploit tool available on:
github.com

GitHub - AndyFul/Hard_Configurator: GUI to Manage Software Restriction Policies and harden Windows Home OS

GUI to Manage Software Restriction Policies and harden Windows Home OS - AndyFul/Hard_Configurator
github.com github.com
This tool uses most of the policies included in the :

Hardening Microsoft Office 365 ProPlus, Office 2019 and Office 2016 | Cyber.gov.au

Workstations are often targeted by adversaries using malicious websites, emails or removable media in an attempt to extract sensitive information. Hardening applications on workstations is an important part of reducing this risk.
www.cyber.gov.au www.cyber.gov.au
 
  • Like
  • +Reputation
  • Wow
Reactions: Handsome Recluse, Protomartyr, Lenny_Fox and 6 others

You may also like...