Information
By default, third-party ActiveX controls are not allowed to run in one-off forms in Outlook. You can change this behavior so that Safe Controls (Microsoft Forms 2.0 controls and the Outlook Recipient and Body controls) are allowed in one-off forms, or so that all ActiveX controls are allowed to run. The recommended state for this setting is: Enabled:Load only Outlook Controls.
Rationale:
If additional types of Active X controls are allowed, particularly un-trusted third-party controls, the risk of malware infecting the computer increases.
Solution
To implement the recommended configuration state, set the following Group Policy setting to Enabled.
User Configuration\Administrative Templates\Microsoft Outlook 2016\Security\Allow Active X One Off Forms
Then set the Allow Active X One Off Forms option to Load only Outlook Controls.
Impact:
This setting enforces the default configuration and therefore should not have any effect on usability.