Plan Protected View settings for Office 2010
Applies to: Office 2010
Topic Last Modified: 2011-08-05
If you want to change how the sandbox preview feature in Microsoft Office 2010 behaves, you can configure Protected View settings. Protected View is a new security feature in Office 2010 that helps mitigate exploits to your computer by opening files in a restricted environment so they can be examined before they are opened for editing in Microsoft Excel 2010, Microsoft PowerPoint 2010, or Microsoft Word 2010.
In this article:
About planning Protected View settings
Prevent files from opening in Protected View
Force files to open in Protected View
Add files to the list of unsafe files
About planning Protected View settings
Protected View helps mitigate several kinds of exploits by opening documents, presentations, and workbooks in a sandbox environment. A sandbox is a piece of computer memory or a specific computer process that is isolated from certain operating system components and applications. Because of this isolation, programs and processes that run in a sandbox environment are considered less dangerous. Sandbox environments are frequently used to test new applications and services that might make a computer unstable or fail. Sandbox environments are also used to prevent applications and processes from harming a computer.
When a file is opened in Protected View, users can view the file content but they cannot edit, save, or print the file content. Active file content, such as ActiveX controls, add-ins, database connections, hyperlinks, and Visual Basic for Applications (VBA) macros, is not enabled. Users can copy content from the file and paste it into another document. In addition, Protected View prevents users from viewing the details of digital signatures that are used to sign a document, presentation, or workbook.
Default behavior of Protected View
By default, Protected View is enabled in Excel 2010, PowerPoint 2010, and Word 2010. However, files open in Protected View only under certain conditions. In some cases, files bypass Protected View and are opened for editing. For example, files that are opened from trusted locations and files that are trusted documents bypass several security checks and are not opened in Protected View.
By default, files open in Protected View if any one of the following conditions is true:
A file skips or fails Office File Validation Office File Validation is a new security feature that scans files for file format exploits. If Office File Validation detects a possible exploit or some other unsafe file corruption, the file opens in Protected View.
AES zone information determines that a file is not safe Attachment Execution Services (AES) adds zone information to files that are downloaded by Microsoft Outlook or Microsoft Internet Explorer. If a file’s zone information indicates that the file originated from an untrusted Web site or the Internet, the downloaded file opens in Protected View.
A user opens a file in Protected View Users can open files in Protected View by selecting Open in Protected View in the Open dialog box, or by holding down the SHIFT key, right-clicking a file, and then selecting Open in Protected View.
A file is opened from an unsafe location By default, unsafe locations include the user’s Temporary Internet Files folder and the downloaded program files folder. However, you can use Group Policy settings to designate other unsafe locations.
In some cases, Protected View is bypassed even if one or more of the previously listed conditions are met. Specifically, files do not open in Protected View if any one of the following is true:
A file is opened from a trusted location.
A file is considered a trusted document.
Change Protected View behavior
We recommend that you do not change the default behavior of Protected View. Protected View is an important part of the layered defense strategy in Office 2010, and is designed to work with other security features such as Office File Validation and File Block. However, we recognize that some organizations might have to change Protected View settings to suit special security requirements. To that end, Office 2010 provides several settings that let you change how the Protected View feature behaves. You can use these settings to do the following:
Prevent files that are downloaded from the Internet from opening in Protected View.
Prevent files that are stored in unsafe locations from opening in Protected View.
Prevent attachments opened in Microsoft Outlook 2010 from opening in Protected View.
Add locations to the list of unsafe locations.
In addition, you can use File Block settings and Office File Validation settings to force files to open in Protected View. For more information, see Force files to open in Protected View later in this article.
Note
For detailed information about the settings that are discussed in this article, see Security policies and settings in Office 2010. For information about how to configure security settings in the Office Customization Tool (OCT) and the Office 2010 Administrative Templates, see Configure security for Office 2010.
Prevent files from opening in Protected View
You can change Protected View settings so that certain files bypass Protected View. To do so, enable the following settings:
Do not open files from the Internet zone in Protected View This setting forces files to bypass Protected View if the AES zone information indicates that the file was downloaded from the Internet zone. This setting applies to files that are downloaded by using Internet Explorer, Outlook Express, and Outlook.
Do not open files in unsafe locations in Protected View This setting forces files to bypass Protected View if the files are opened from an unsafe location. You can add folders to the unsafe locations list by using the Specify list of unsafe locations setting, which is discussed later in this article.
Turn off Protected View for attachments opened in Outlook This setting forces Excel 2010. PowerPoint 2010, and Word 2010 files that are opened as Outlook 2010 attachments to bypass Protected View.
These settings do not apply if File Block settings force the file to open in Protected View. Also, these settings do not apply if a file fails Office File Validation. You can configure each of these settings on a per-application basis for Excel 2010, PowerPoint 2010, and Word 2010.
Force files to open in Protected View
The File Block and Office File Validation features have settings that let you force files to open in Protected View when certain conditions are met. You can use these settings to determine the circumstances under which files open in Protected View.
Use File Block to force files to open in Protected View
The File Block feature lets you prevent users from opening or saving certain file types. When you use File Block settings to block a file type, you can choose one of three file block actions:
Blocked and not allowed to open.
Blocked and opened only in Protected View (users cannot enable editing).
Blocked and opened in Protected View (users can enable editing).
By selecting the second or third option, you can force blocked file types to open in Protected View. You can configure File Block settings only on a per-application basis for Excel 2010, PowerPoint 2010, and Word 2010. For more information about File Block settings, see Plan file block settings for Office 2010.
Use Office File Validation settings to force files to open in Protected View
Office File Validation is a new security feature that scans files for file format exploits before they are opened by an Office 2010 application. By default, files that fail Office File Validation are opened in Protected View and users can enable editing after previewing the file in Protected View. However, you can use the Set document behavior if file validation fails setting to change this default behavior. You can use this setting to select one of three possible options for files that fail Office File Validation:
Block completely Files that fail Office File Validation cannot be opened in Protected View or opened for editing.
Open in Protected View and disallow editing Files that fail Office File Validation are opened in Protected View but users cannot edit the files.
Open in Protected View and allow editing Files that fail Office File Validation are opened in Protected View and users are allowed to edit the files. This is the default.
By selecting the second option, you can restrict Protected View behavior for files that fail Office File Validation. You can configure this Office File Validation setting only on a per-application basis for Excel 2010, PowerPoint 2010, and Word 2010. For more information about Office File Validation settings, see Plan Office File Validation settings for Office 2010.
Add files to the list of unsafe files
You can use the Specify list of unsafe locations setting to add locations to the unsafe locations list. Files that are opened from unsafe locations are always opened in Protected View. The unsafe locations feature does not prevent users from editing a document; it only forces a document to open in Protected View before it is edited. This is a global setting that applies to Excel 2010, PowerPoint 2010, and Word 2010.
Note
For the latest information about policy settings, refer to the Microsoft Excel 2010 workbook Office2010GroupPolicyAndOCTSettings_Reference.xls, which is available in the Files in this Download section on the Office 2010 Administrative Template files (ADM, ADMX, ADML) and Office Customization Tool (https://go.microsoft.com/fwlink/p/?LinkID=189316&clcid=0x409) download page.