Information
This policy setting allows you to determine whether users can open, view, edit, or save Excel files with the format specified by the title of this policy setting. The recommended state for this setting is: Enabled. (Open/Save blocked, use open policy) By default, users can open, view, or edit specific web-related file types and Excel 2003 XML workbook files in Excel. This could allow malicious code to become active on user computers or the network.
Solution
To implement the recommended configuration state, set the following Group Policy setting to Enabled. User Configuration\Administrative Templates\Microsoft Excel 2016\Excel Options\Security\Trust Center\File Block Settings\Web Pages and Excel 2003 XML Spreadsheets Impact: Enabling this setting requires the following file types to open in Protected View: #x2022; *.mht #x2022; *.mhtml #x2022; *.htm #x2022; *.html #x2022; *.xml #x2022; *.xlmss Saving and editing these file types is not allowed.