Updated: 2009-02-12

The 2007 Microsoft Office system contains several settings that enable you to control the way external threats are mitigated. By default, links to external content are disabled. This includes links to data sources, hyperlinks to Web sites and documents, and links to images and media.

When a user opens a document that contains links to external content, the Message Bar notifies the user that the links are disabled. Users can enable the links by clicking the Message Bar. You can modify this default behavior by configuring security settings for external content. These settings enable you to:

For detailed explanations of each external content setting, see "External content settings" in Security policies and settings in the 2007 Office system.

To plan security settings for external content, use the best practices and recommended guidelines in the following sections.

Suppress hyperlink warnings

You can suppress warnings for some unsafe hyperlinks, including hyperlinks that use unsafe protocols and hyperlinks from a remote file to the local computer. Unsafe protocols are protocols that can run scripts or content that is potentially unsafe, including msn, nntp, mms, outlook, and stssync. To suppress hyperlink warnings for these types of hyperlinks, configure the setting that is described in the following table. This is a global setting that applies to the following applications:

  • Microsoft Office Access 2007

  • Microsoft Office Excel 2007

  • Microsoft Office InfoPath 2007

  • Microsoft Office OneNote 2007

  • Microsoft Office Outlook 2007

  • Microsoft Office Project 2007

  • Microsoft Office PowerPoint 2007

  • Microsoft Office Publisher 2007

  • Microsoft Office Visio 2007

  • Microsoft Office Word 2007

Setting name Configuration Description

Disable hyperlink warnings

Disabled

By default, users are notified about unsafe hyperlinks. In addition, unsafe hyperlinks are disabled until they are enabled by a user. Enabling this setting suppresses warnings for the following:

  • Hyperlinks that use unsafe protocols.

  • Hyperlinks from a remote file to the local computer.

You can configure this setting in the OCT and with the 2007 Office system Administrative Templates (.adm files).

Allow linked images to download automatically in Office PowerPoint 2007

By default, Office PowerPoint 2007 does not display images that are saved on an external Web site (that is, a Web site that is beyond your perimeter firewall). Instead, a placeholder image displays and a warning appears in the Message Bar that notifies users about the potentially harmful external content. Users can allow the image to download by clicking the Message Bar.

NoteNote:

Links to images on internal Web sites are not blocked. An internal Web site is any Web site that is behind your perimeter firewall.

You can change this default behavior so that linked images download automatically. When you do this, users are not warned or notified about the potentially harmful nature of the external image. In addition, users could be exposed to malicious image content and Web beacons. Web beacons are a special type of threat agent that can enable malicious users to identify personal and private information, such as a computer's IP address.

To allow linked images to download automatically in Office PowerPoint 2007, configure the setting that is described in the following table.

Setting name Configuration Description

Unblock automatic download of linked images

Disabled

By default, images that are saved on an external computer do not display in slides. Enabling this setting allows linked images on external Web sites to download and appear in slides. You can configure this setting in the OCT and with the 2007 Office system Administrative Templates (.adm files).

Download this book

This topic is included in the following downloadable book for easier reading and printing:

See the full list of available books at Downloadable content for the 2007 Office Resource Kit .

See Also