Closed anxiouslelimo closed 2 years ago
bongochong
commented
2 years ago Thanks for the report! Just verifying this info (so far Microsoft documentation seems to confirm what you're saying), and if it all checks out, it will be resolved in all my lists within an hour.
bongochong
commented
2 years ago Alright, so across most versions of Windows 10 and 11, self.events.data.microsoft.com is indeed listed as a required endpoint. On the other hand, if you click through the various editions and versions of Windows 10 and 11, and the documentation for Office on Mac, nexusrules.officeapps.live.com is explicitly listed as a telemetry endpoint on the majority of platforms, only being listed as a required endpoint for a couple of specific Windows 10 versions (1809 and 1903 Enterprise). It is also not listed as a required endpoint for Office 365.
Conclusion: Seeing as privacy for the average user is an extremely high priority for my lists, I will only be globally whitelisting self.events.data.microsoft.com. That change will be implemented across all of my lists over the next two hours. I suggest manually whitelisting the other domain for users on the specific editions/versions of Windows that require it for complete Office functionality.
Request to whitelist
The following endpoints are used to connect to the Microsoft 365 admin center's shared infrastructure, including Office in a browser. For more info, see Office 365 URLs and IP address ranges. You can turn this off by removing all Microsoft Office apps and the Mail and Calendar apps. If you turn off traffic for these endpoints, users won't be able to save documents to the cloud or see their recently used documents.