Powershell: Detect Office Application Security Settings

PowerShell Script to Detect Office Application Security Settings

In this blog post, we'll be exploring a PowerShell script that detects the security settings of Microsoft Office applications. The script is designed to check if the Trusted Locations feature is enabled for Word, Excel, and PowerPoint.

Prerequisites

The Script

This script uses a combination of loops and conditional statements to iterate through the list of Office applications and check if their Trusted Locations features are enabled.

$good = 0
$bad = 0

$apps = @("Word", "Excel", "Powerpoint")

foreach ($app in $apps) {
    Write-Output "Checking $app"
    $regpath = "HKCU:\SOFTWARE\Microsoft\Office\16.0\$app\Security\Trusted Locations\Location12"
    if (Get-ItemProperty $regpath) {
        Write-output "`t$app good"
        $good++
    } else {
        Write-output "`t$app bad"
        $bad++
    }
}

How It Works

Section 1: Initialization

$good = 0
$bad = 0

$apps = @("Word", "Excel", "Powerpoint")

This section initializes two counters, $good and $bad, to keep track of the number of applications with enabled and disabled Trusted Locations features respectively. It also defines an array called $apps containing the names of the Office applications to be checked.

Section 2: Looping Through Applications

foreach ($app in $apps) {
    Write-Output "Checking $app"
    $regpath = "HKCU:\SOFTWARE\Microsoft\Office\16.0\$app\Security\Trusted Locations\Location12"
    if (Get-ItemProperty $regpath) {
        Write-output "`t$app good"
        $good++
    } else {
        Write-output "`t$app bad"
        $bad++
    }
}

This section uses a foreach loop to iterate through the list of Office applications. For each application, it checks if the Trusted Locations feature is enabled by looking for the corresponding registry key. If the key exists, it increments the $good counter and outputs a message indicating that the application has its Trusted Locations feature enabled. If the key does not exist, it increments the $bad counter and outputs a message indicating that the application has its Trusted Locations feature disabled.

Key Code Snippets

if ($good -eq 3) {
    Write-Output "Compliant :)"
    Exit 0
} else {
    Write-output "Not-complaint :("
    Exit 1
}

Usage Examples

To use this script, simply copy and paste the code into a PowerShell console or save it to a file with a .ps1 extension and run it. The script will output the results of its checks, indicating which Office applications have their Trusted Locations features enabled.

Conclusion

This PowerShell script provides a simple way to detect the security settings of Microsoft Office applications. By iterating through the list of Office applications and checking if their Trusted Locations features are enabled, it can help users identify potential security vulnerabilities and take corrective action.