AhmedDeban 1 Posted October 13 Share Posted October 13 Dear Bro, I would to blocking Macros to prevent user to add or execute it for OFFICE , I did On policy and enable the Document Protection but does not worked , Also Enable HIPS Settings with the below rules not effected , There are anyone have idea how to do it ? Quote Link to comment Share on other sites More sharing options...
Administrators Solution Marcos 5,407 Posted October 13 Administrators Solution Share Posted October 13 You can block Office macros without using Defender’s Attack Surface Reduction (ASR) rules by configuring Group Policy settings or using Microsoft Intune. Here are some methods: Group Policy Open Group Policy Management: On your domain controller, open the Group Policy Management Console (GPMC). Create or Edit a GPO: Create a new Group Policy Object (GPO) or edit an existing one. Navigate to Office Settings: For Office 2016 or later: User Configuration > Administrative Templates > Microsoft Office 2016 > Security Settings Configure Macro Settings: Disable all macros without notification: This setting will block all macros and prevent users from being notified. Block macros from running in Office files from the internet: This setting blocks macros in files that come from the internet, which is a common source of malicious macros. Microsoft Intune Create a Configuration Profile: Go to Devices > Configuration profiles > Create profile. Select Windows 10 and later as the platform and Administrative Templates as the profile type. Configure Office Macro Settings: Navigate to the settings for each Office application (e.g., Excel, Word). Set Disable all macros without notification and Block macros from running in Office files from the internet. Additional Measures Trusted Locations: Only allow macros to run from trusted locations. This can be configured in the Trust Center settings of each Office application. Digital Signatures: Require macros to be signed by a trusted publisher. This ensures that only macros from verified sources can run. By implementing these settings, you can effectively block macros and enhance the security of your Office applications without relying on Defender ASR rules. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.