MS Office Protected Mode

When I open a MS Office document someone has sent me it is almost only in ‘READ’ or ‘PROTECTED’ mode, which means I have to click a button in order to edit or print it.

What is the purpose of this feature? Are they afraid I am going to edit it by accident? Are they trying to protect me from viruses? I just don’t get it and it’s annoying. Is there some way to turn this ‘feature’ off?

As I understand it, somewhere in the bowels of Office is support for a proprietary, interpreted programming language of some sort. It’s called “macros”. I’ve never seen or used this language, but apparently it is so poorly designed and implemented that it is possible to craft a macro that hijacks the computer that opens it.

Why doesn’t Microsoft junk their current macro interpreter and introduce one with a proper sandbox? Do they have any idea how much time their products waste when used in the default settings?

Anyways, that protected mode is a poorly made choice that wastes the time of millions of Americans. Virtually anyone who ever opens a document is going to want to print or edit it, so it doesn’t really protect from jack shit. Office needs to be able to either detect accurately if a document actually has a virus, or, it really needs sandboxing so that it doesn’t matter.

Protected mode is a sandbox. That’s why you can’t save or print from it.

Well, it’s a worthless, incompetent sandbox. It provides no protection whatsoever, it just wastes our time.

Office documents can contain macros, which are mini-programs that have access to all of Office’s commands/features/menus/etc… They’re normally used to automate tedious or repetitive actions, but can also be used to perform a bunch of harmful actions without the user’s knowledge (there’s nothing inf Office that says a macro has to inform the user of what it’s doing).

Protected mode prevents macros from running. However, since macros are often used for legitimate purposes (e.g. to update content to match the date and time, or modify information you type to match a pre-defined format) certain other features have to be disabled as well.

As for disabling it, simply type the following words into the search engine of your choice for several thousand links each explaining how to turn this feature off.



microsoft office disable "protected mode"


Thanks dstarfire.

File -> Options -> Trust Center -> Trust Center Settings -> Protected View - > uncheck

I still don’t understand protected view if it’s only purpose is to inhibit macros. Macro security has been around for a long time. Since Excel 2003 I get prompted as to whether I want to allow macros to run in a macro-enabled file. Even ones that I create myself. So what does Protected Mode add to that? Plus I get protected mode whenever I open an attachment from an email, even if it is not a macro-enabled file.

From the last link: “Files from the Internet and from other potentially unsafe locations can contain viruses, worms, or other kinds of malware that can harm your computer. To help protect your computer, files from these potentially unsafe locations are opened in Protected View. By using Protected View, you can read a file and see its contents while reducing the risks.”

I get this even just opening a file someone has emailed me; I assume it’s because our email is in the cloud and it’s like opening something from the Internet??

It’s basically the two-click rule for e-mailed files.

E-mailing a word document with a virus embedded in it is a common method of propagating them. When you opened or previewed the document, the virus would run and infect your computer.

One of the decisions that Microsoft made to help combat this was to create protected mode. Now when you receive an infected file, if you open it, it doesn’t automatically have access to make changes to your computer.

In general, you still should avoid opening files from sources that you don’t trust, but this helps if someone who you are expecting a file from is infected.

Opening a file from an email is opening something from the Internet.

I’m still not getting how opening a Word file with no macros can cause an infection.

The file has an alternate data stream (ADS) named “Zone.Identifier” which stores information about where the file came from. You can see the description of the zones in “Internet Options”: the values are

0 URLZONE_LOCAL_MACHINE
1 URLZONE_INTRANET
2 URLZONE_TRUSTED
3 URLZONE_INTERNET
4 URLZONE_UNTRUSTED

MS office uses both the Zone identifier, and the actual present location: a file that’s “on the internet” will be untrusted because it’s in an untrusted location, and a file download from the internet will be untrusted because it has the untrusted zone value.

In older versions of MS office, untrusted files and files in untrusted locations were opened with macros dissabled. In newer versions, such files are opened in a sandbox (and with macros dissabled).

The sandbox helps protect (“security in depth”) against strange corruption exploits like the many Flash and PDF exploits.

MS Office was never a top target for this kind of attack: that would be Flash, Acrobat Reader and IE, but as the problems with Flash and Acrobat reader became more well known, protections like this became more common.

If there are no macros and the file is properly formed, it can’t.

As mentioned by Melbourne, while Word does have problems with this, there are other applications that are bigger vectors of this type of attack.

The issue is that you have 3 choices:

  1. Before a user opens any file from the internet, you can run it through a comprehensive virus scan keeping in mind that there are people who make a living by keeping ahead of anti-virus patterns. Also, if you miss any viruses, people will blame you.
  2. Discontinue features that users have come to expect and lose even more market share.
  3. Throw everything from the internet into a sandbox, inform the user why they don’t have any functionality, and make it easy for the user to get that functionality back.

Many of the core functions of office macros are for interaction with (and control of) the file system, with drivers, other office applications and the OS itself. Sandboxing would render much of the useful functionality impotent.

Well, there’s your problem. That should never have been possible in the first place.

for some reason, no one is understanding the OP’s question the way I understand it: word should first check to see if there is a macro present in the file. Only if there is indeed a macro present, then it should go into protected mode. But if there is no macro present, why bother with protected mode?

IMHO it’s a useless feature designed to assuage the concerns of idiots who don’t realize the feature is useless.

… …

Yep, they should have just stuck with emacs and vi. Programming languages have no place in an editor.