web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

News and Announcements icon
Community site session details

Community site session details

Session Id :
Power Platform Community / Forums / Copilot Studio / Issue with Embedded Of...
Copilot Studio
Suggested Answer

Issue with Embedded Office (Excel) in MFC C++ Application – Macros Blocked in Office 365/2024

(0) ShareShare
ReportReport
Posted on by

Hello,
I am developing an MFC C++ application and want to embed an Excel file into my form using OLE Object. When I open the Excel (.xlsm) file directly in Office, macros work normally.
However, when I embed the Excel file into my MFC application via OLE, Office blocks the macros, even though I have already taken the following steps:

Actions I have tried:

  1. Added both the source code folder and the Excel file to a Trusted Location.
  2. Enabled VBA/macros in Office settings.
  3. On Office 2021, everything works fine, but on Office 365 and Office 2024 or later, macros are blocked.

Error message:
When opening the embedded Excel file from my MFC app, Office shows "Macros have been disabled."

My question:
Has anyone encountered this issue before?
Is there any way to allow macros to run when embedding an Excel file into an MFC app via OLE?
Are there any additional permissions, registry configurations, or policies that need to be set?

Thank you very much for your help!

I have the same question (0)
  • Suggested answer
    Radwan Almsora Profile Picture
    24 on at

    Hello,

    ​This issue stems from a critical security architecture change Microsoft introduced in Office 365, Office 2024, and modern cloud-backed versions. Microsoft now strictly enforces Mark of the Web (MoTW) and advanced attack surface reduction (ASR) rules for embedded Object Linking and Embedding (OLE) scenarios.

    ​When your MFC C++ application hosts Excel as an OLE Document Object (COleClientItem), Office no longer evaluates the macro security based only on the Excel file's location. Instead, it evaluates the hosting context. Because the binary data is being read out of an un-vouched structured storage stream inside your app's memory container, Office flags it as an untrusted source by default.

    ​Here are the definitive solutions to resolve this registry/policy barrier for modern Office suites:

    ​Solution 1: Explicitly Add your MFC Application's Executable Directory to Trusted Locations

    ​Modern Office versions require the hosting container application to reside in an explicitly trusted path, not just the .xlsm file itself.


    1. ​Move your compiled MFC .exe into a specific deployment directory (e.g., C:\Program Files\YourCompany\YourApp\).

    2. ​Add this exact directory to the Excel Trusted Locations via the Trust Center or via Group Policy / Registry.

    ​Solution 2: Apply the Registry Fix for OLE Embedded Document Macros

    ​Modern Office suites contain specific security flags that restrict macros inside embedded objects. You can override this behavior by adding an explicit policy DWORD to the Windows Registry.



    1. ​Press Win + R, type regedit, and navigate to the following path (replace 16.0 with your corresponding modern Office version hive):
      HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\excel\security
      (If the keys do not exist, right-click and create them).

    2. ​Right-click the security folder, select New > DWORD (32-bit) Value.

    3. ​Name it: BlockContentExecutionFromInsecureContainers

    4. ​Set its value data to 0 (Setting it to 0 allows trusted execution; 1 blocks it completely).

    5. ​Additionally, ensure that the DWORD VBAWarnings under the same security key is set to 1 (Enable all macros) or 2 (Disable with notification) during your runtime testing.

    6.  

    ​Solution 3: Elevate Your App using the Manifest File

    ​If your MFC application loads the .xlsm content stream from a local database or external file, it may be triggering a process isolation policy.


    • ​Ensure your MFC application is compiled with a manifest that enforces a known security context.

    • ​If your application downloads the Excel template from a network share or an internal server, ensure you strip the Zone.Identifier (Mark of the Web) from the template file via C++ code prior to reading its stream, using DeleteFile on the alternative data stream (filename.xlsm:Zone.Identifier).

    ​Solution 4: Architectural Workaround (Automation instead of In-Place Embedding)

    ​If your corporate Group Policies (GPO) strictly lock down the BlockContentExecutionFromInsecureContainers key, in-place active OLE embedding will remain blocked by modern Office design.

    ​The industry standard workaround for modern Office 365 compatibility is to move away from active OLE component embedding and switch to COM Automation with a Parent Window Wrapper:


    1. ​Launch Excel as an out-of-process hidden COM server using CreateDispatch(_T("Excel.Application")).

    2. ​Open the file normally via the Workbooks.Open() method (which fully respects local Trusted Locations).

    3. ​Use the Windows API SetParent() to programmatically reparent the Excel main window frame directly into your MFC application's dialogue/form view window control.

    ​Please try the Registry modification in Solution 2 on your test machine first, as it is the most direct fix for the modern OLE macro block behavior. Let us know if this resolves the issue within your environment!

    ​Best regards,

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Season of Sharing Community Challenge Launch!

Jump in, show your community spirit, and win prizes!

Kudos to our 2025 Community Spotlight Honorees

Expanding mentorship, skilling, and AI innovation

Congratulations to the May Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > Copilot Studio

#1
Valantis Profile Picture

Valantis 277

#2
11manish Profile Picture

11manish 206

#3
sannavajjala87 Profile Picture

sannavajjala87 156 Super User 2026 Season 1

Last 30 days Overall leaderboard