Attack surface reduction block triggered in corporate environment

Excel-DNA / ExcelDna

Excel-DNA - Free and easy .NET for Excel. This repository contains the core Excel-DNA library.

https://excel-dna.net

zlib License

1.26k stars 270 forks source link

Attack surface reduction block triggered in corporate environment #665

Closed mike3sullivan closed 5 months ago

mike3sullivan commented 5 months ago

In a customer's locked-down environment, they get the following error when trying to run an add-in with any of the recent versions of Excel-DNA:

Blocked by: Attack surface reduction Rule: Block Office apps from creating executable content Affected items: C:\Users\xxxx\AppData\Local\Temp\ExcelDna.Host\\ExcelDna.ManagedHost.dll

Is there a technical reason why ExcelDna.ManagedHost.dll is copied to a temp folder and is not run from the installation folder?

Edit: fixed typo

mike3sullivan commented 5 months ago

Per Govert, a workaround:

I temporarily used <ExcelDnaUnpack>true</ExcelDnaUnpack> in the csproj file to get a copy of the ExcelDna.ManagedHost.dll. Included that file in my project as Content, copy always, and removed the line from the csproj.

Built as previously and seems to work fine.