In December 2023, Microsoft resolved a security issue that could lead to the exposure of personal information when trying to open .ICS format files (calendars) with Outlook (CVE-2023-35636). La patch released at the time prevented the attacker from acquiring the NTLM hashes, i.e. the information connected with the credentials used to log in to Windows. After installing the corrective updates a few months ago, however, many users began to complain about the appearance of the “Office has identified a potential security issue“.
Office has identified a potential security issue: when the message appears and how to fix it
After installing the official update last December, users of Microsoft 365 they saw the message “Office has identified a potential security issue” trying to open a locally stored .ICS file. As further explanation, the message contains the phrase: “This route may not be safe“.
Confirming the existence of the problem, Microsoft stated in February 2024 that the highlighted behavior is anomalous and should not occur for any .ICS file saved on the local system.
The Redmond company has now finally confirmed that it has identified the cause of the problem, releasing a further corrective update. For now it will reach Microsoft 365 users registered in the beta channel (2404 build 17531.20000) while the stable releases will receive it starting from April 30th.
The fix will also be extended to previous versions of Microsoft 365 with the distribution of the June 2024 patches.
Manual fix, waiting for the official patch
As Microsoft had indicated at the time, to avoid the appearance of the “Office has identified a potential security issue“, it is possible to intervene on the configuration of the system registry before the release of a fix patch.
For example, you can open the command prompt with administrator rights (type cmd in the Windows search box then choose Run as administrator) and type the following:
reg add HKCU\software\policies\microsoft\office\16.0\common\security /v DisableHyperlinkWarning /t REG_DWORD /d 1 /f
The only problem is that, in this case, Office will stop showing notifications for others too file formats potentially dangerous. Not only when opening local .ICS files. The above command, therefore, should be understood as a temporary solution waiting for the official Microsoft patch, certainly not as a definitive intervention.
To cancel the effects of the change and restore the default configuration, simply issue the following command:
reg delete HKCU\software\policies\microsoft\office\16.0\common\security /v DisableHyperlinkWarning /f