Outlook security patches intentionally break custom forms

Credit to Author: Woody Leonhard| Date: Tue, 19 Sep 2017 06:37:00 -0700

When Microsoft released its Outlook security patches on Sept. 12, several readers complained that their custom form printing capabilities disappeared. Ends up the bug that broke VBScript printing isn’t a bug at all.

Microsoft announced over the weekend that it intentionally disabled scripts in custom forms, and those with printable custom forms need to make manual Registry changes to bring the feature back.

Those of you who have installed any of this month’s Outlook security patches:

will have to dive into the Registry if you want to enable any custom form scripts, including the VBScript printing capability. It’s complicated, and the method varies, depending on which version of Office you’re using and the bittedness of Windows and Office. Diane Poremsky has detailed instructions on her Slipstick Systems site.

Of course, Microsoft didn’t tell us about the change when it released the security patches. To this date, there’s no notice in the associated KB articles either.

The change is intended to make it harder for bad guys to break into your computer. That’s a noble goal, but it sure could’ve been communicated in a much better way.

Those of you running Office Click-to-Run either have the bug, or you’re about to get it. Current Channel, Semi-Annual Channel and Insider Slow got the bug, er, new behavior in Sept. 18’s 16.0.8431.2079. Deferred Channel got it in 16.0.8201.2193. Deferred Extended and Insider Fast apparently don’t have the new feature just yet.

The other bug I talked about last week, where the Office 2007 and 2010 patches started showing Swedish menus in the Hungarian language version, Portuguese in Italian, Swedish in Slovenian, Spanish in Italian, and many more, hasn’t been fixed. The Slipstick Systems site has a complex workaround.

Vent your spleen on the AskWoody Lounge.

http://www.computerworld.com/category/security/index.rss