Microsoft Word and Excel Macros for DeskSite and FileSite Expire on August 26, 2021
Critical Information for Immediate Review
This App information alert is provided by HeliX to bring immediate attention to critical information about one of the Apps in the HeliX catalog. Due to the critical nature of this alert, it is being delivered to all subscribers regardless of the email notification options and current status of this App in individual subscriptions. See below for details about the affected App and a summary of the vendor information that warrants this special alert.
Alert Summary
Alert Details
For security reasons, iManage develops macro files for Word + Excel that control Office shortcut key integration using digital signatures to designate that the files are from a trusted source, and which are set to expire on a preset date. Depending on the Macro security settings for your Office environment, Word and Excel may display a warning message about an invalid or expired digital certificate after August 26th, 2021, and the use of Save, Save As, Open and Print may be disabled for the user.
Notes: This should only affect shortcuts from Word + Excel, and this should not affect any corresponding functionality initiated directly from buttons on the iManage ribbon or Office backstage menus. Work 10 Desktop Office integration, or Work 10 Desktop Office integration running in compatibility mode with 9.3.6 clients should not be impacted, but every environment should test their specific setup to be sure these macro files are not in use. Whether or not you will be affected by this issue depends on the current configuration for Office macro settings in your environment – strict macro runtime settings, Trusted Publishers and Trusted locations all have the potential to change how macro templates such as these run when their digital certificate expires.
To update the templates and certificates, iManage provides CSAR-2829 for 9.3.x builds of DeskSite and FileSite here:
https://help.imanage.com/hc/
iManage also states that the updated templates and certificates are included in the latest release of DeskSite and FileSite (version 9.3.7) and this version is available in HeliX. However, this is a major new version and also includes significant new features and functionality so it is not the recommended path to resolve this issue in production environments.
Your HeliX subscription includes packaging and delivery of the updated macros and the new version of the affected clients to your AppSource share and Microsoft Endpoint Management system, and we will be adding these updates to active subscriptions beginning today. However, regression testing and final distribution of the updated macros or the new client version to production systems is the subscriber’s responsibility. Before upgrading to any new version of DeskSite or FileSite or distributing the updated macro files to either release, full and proper testing is strongly advised.
About Helix Notifications
The HeliX service notifies its subscribers of certain third-party alerts that may be relevant to the subscribers’ IT systems. The third party that published this alert is not in any way affiliated with Helient Systems. Helient Systems has not independently verified the information in the alert, and is not responsible for its availability, accuracy, or completeness. By delivering this notification, Helient Systems does not assume responsibility for installing any updates or patches, or performing any remediation, repair, or other services, that may be recommended in the alert. Each subscriber is solely responsible for updating its own production systems with any and all recommended updates and patches.
If you need assistance understanding or implementing the recommendations, we would be happy to help. You may contact Helient Systems for additional assistance through our ticketing system at service@helient.com.
This HeliX alert is among a small subset that have been made public for the benefit of all Helient customers and the broader community. HeliX Subscribers receive a continuous feed of timely and targeted notifications to their inbox and their mobile device. HeliX keeps you in the know and in control. To find our more about HeliX, download the datasheet now!