this post was submitted on 23 Sep 2025
730 points (98.5% liked)
Microblog Memes
9285 readers
2496 users here now
A place to share screenshots of Microblog posts, whether from Mastodon, tumblr, ~~Twitter~~ X, KBin, Threads or elsewhere.
Created as an evolution of White People Twitter and other tweet-capture subreddits.
Rules:
- Please put at least one word relevant to the post in the post title.
- Be nice.
- No advertising, brand promotion or guerilla marketing.
- Posters are encouraged to link to the toot or tweet etc in the description of posts.
Related communities:
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
As someone who doesn't use microsoft stuff.. anyone here have an explanation? lol
For me, when I open an Excel file from our business partner, it will always open in protected view which limits the functions the document can do. I then have to tell it to open in regular view which closes the doc and reopens it, wasting my time.
But sometimes even doing that won't solve the problem. It will say I have to go into the doc's properties and mark it as "safe". That requires closing it yet again. Right clicking it in file explorer, and checking a box in the properties tab. Then I get to reopen it yet again.
And I have to do this nearly every single time. Fun stuff.
How can you know if a document is safe to open in this "regular view"?
Microsoft office documents not running in protected mode can run arbitrary code on your computer. Given VBA that arbitrary code can pretty much access anything any installed application can.
There's a load of Office malware written that can infect all the documents on your system with keyloggers and password scrapers.
It's a pain in the ass yeah, but it exists to mitigate a very real risk.
It doesn't mitigate anything when it pops every single time. Microsoft on its own has rendered scary messages useless with how often they use them.
U would want to install a rat or do a browser token theft. Why bother with a keyloggers when u can steel access codes from the browser directly.
Thamks :3.. I can see why that would be annoying lol
What company do u work at? Cos one well placed email with a dodgy file attached could destroy the entire company.
As someone who never did anything dodgy with a computer in my time. Its cos Microsoft files opened not in protected views can embed and execute macros. These macros are essentially a remote code execution. Mostly not used anymore (defaults to disabled macros) but plenty of large orgs still have macros enabled cos legacy bullshit.
U can do similar with some font formats, screensavers, and a multitude of unexpected things that most people think are completely safe. That's how linustechtips was got rce through screensaver disguised as PDF that installed a rat and token stealer that stole live YouTube session tokens. U can also use the victim device as an exit for routing traffic as a reverse proxy so tokens appear to be coming from the same device to avoid triggering security warnings.
Tldr don't enable it for random files from dubious sources and check the file extensions else u will get hacked.
So disable macros until enabled. But protected view won't even let you edit a text document.
Yeah Idk why that is all I know is macros will ruin ur life if ur not careful. Luckily I run QubesOS so not a problem I'm too concerned with.
Microsoft documents can contain macros (scripts). While there are legitimate uses for macros, bad actors can use them for malicious purposes.
Protected mode prevents the macros from running.