Microsoft 365 tightens security

Microsoft 365 Security

💡 If I asked where your biggest security risks sit, you’d probably say email, passwords, or maybe remote access, right?

Very few would point to Excel or PowerPoint.

Yet Microsoft Office apps remain one of the most common entry points attackers use ☠️

That’s why Microsoft 365 now includes an updated security baseline for Office apps.

Put simply, a security baseline is Microsoft’s recommended set of “secure setting template.”

IT admins can apply it to make Word, Excel, PowerPoint and the rest more resistant to modern attack methods.

This latest update focuses on reducing risk created by legacy features and external connections.

Take Excel, for example. If a spreadsheet contains a link to pull in data from an external source, and that source is blocked under your security rules, Excel will now refuse to refresh it.

You’ll see an error instead.

Why does this matter? Attackers often hide malicious data connections inside spreadsheets. Stopping automatic connections removes a potential weakness.

➡️ In PowerPoint, Microsoft is disabling OLE content.

OLE (Object Linking and Embedding) is a long-standing technology that allows content from other applications to be embedded into files.

It has legitimate uses, but it has also been exploited in the past. Reducing reliance on older embedding mechanisms lowers the risk profile.

➡️ Across all Microsoft 365 apps, there are further changes, including:
🔒 Blocking documents using non-HTTPS web connections
🔒 Disabling outdated graph components
🔒 Turning off legacy add-ins like classic OrgChart
🔒 Preventing fallback to older network protocols

Microsoft is steadily moving organisations away from technologies attackers know how to abuse.

👉 For you, the important thing is this: These stronger settings need to be deployed by your IT team using Microsoft’s Security Compliance Toolkit. They don’t automatically switch on everywhere.

🤔 When was the last time someone reviewed how your Office apps are configured, not just whether they’re up to date?

👉 We can help. Get intouch:

☎️ Camb: 01223 209920 | London: 020 3519 0124
☎️ Suffolk: 0144 059 2163 | Sheffield: 0114 349 8054

💻 www.breathetechnology.com | 📧 [email protected]



Looking for something specific?