joyfullservice / msaccess-vcs-addin

Synchronize your Access Forms, Macros, Modules, Queries, Reports, and more with a version control system.

Windows Security blocking installation and causing an error with v4.0.34 #522

Closed damorinCan closed 1 week ago

damorinCan commented 1 month ago

Hi,

In Windows 10, when clicking on the "Version Control.accda" and clicking on "Install Add-In", this is causing the following error:

ERROR: Unhandled error, likely before `On Error' directive Source: .Unknown.LogUnhandledErrors.

In Windows Security, the description is:

App or process blocked: MSACCESS.EXE
Blocked by: Attack surface reduction
Rule: Prevent all office applications to create child process

As a note the "Rule" was in French on my PC, I translated this to my best knowledge.

Before asking my IT department to add an exception, can someone confirm this is not a problem?

Thanks,

hecon5 commented 1 month ago

As someone who operates in a "high security" environment, I can almost guarantee this issue is caused by your cyber policy blocking macro execution.

If you can have them add an exception for Access Macros, that'd be the best way.

What our IT group did was add a specific folder an Access file has to operate in for the exception to be valid. This allows the IT / OT group to reduce the attack surface (it is highly unlikely other Access / Office products will know to move to the "special" folder), and for us to run Access VBA macros (which at the time we did this couldn't be signed; that's changed, but the currently delivered file doesn't have signed macros).

What I recommend:

  1. Pick a folder to develop in. Make sure ALL your devs use that same folder.
    1. We use c:\users\[Username]\Documents\[OurGroupName]-Tool-Dev\
    2. We have a separate folder in C:\Users\[Username]\AppData\Local\[DatabaseRelease]\ for everyone to operate the delivered product.
  2. Install either to the delivered product location (what we do), or to the development folder (less ideal because if you're me you have a tendency to accidentally delete it when you're cleaning house).
  3. It looks like we'll need to update the install to show the added options for higher security environments. I'll try and remember to do that...
  4. Make sure the "Enable Execution" yellow bar at the top is gone (select "Enable Macros").
  5. Make sure "Trust Add-In Folder" is selected.
  6. Click "Advanced Options"
  7. Select "Use ribbon addin" and "Open add-in after installing to trust the add-in file"
  8. Select the installation folder you previously chose above.
  9. Install Addin.

If that doesn't work, you may need to uncheck "Use Ribbon Addin"; but the ribbon is such a nice thing, try to use it first.
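For the IT side of this thread, an added example (not part of the original comments or the add-in project): a read-only check that reports the state of the ASR rule from the alert, lists the ASR exclusions currently set, and pulls recent block/audit events that mention MSACCESS.EXE. It assumes Microsoft Defender's built-in PowerShell cmdlets and an elevated prompt; the GUID is Microsoft's documented ID for "Block all Office applications from creating child processes", which is assumed to be the rule behind the translated name in the first post.

```powershell
# Added example: read-only diagnostics, changes no Defender settings.
# Assumed rule: "Block all Office applications from creating child processes".
$RuleId      = 'D4F940AB-401B-4EFC-AADC-AD5F3C50688A'
$ActionNames = @{ 0 = 'Disabled'; 1 = 'Block'; 2 = 'Audit'; 6 = 'Warn' }

$pref = Get-MpPreference

# Rule IDs and actions are stored as parallel arrays; find this rule's slot.
$ids     = @($pref.AttackSurfaceReductionRules_Ids)
$actions = @($pref.AttackSurfaceReductionRules_Actions)
$state   = 'Not configured'
for ($i = 0; $i -lt $ids.Count; $i++) {
    if ($ids[$i] -eq $RuleId) {
        $a = [int]$actions[$i]
        $state = if ($ActionNames.ContainsKey($a)) { $ActionNames[$a] } else { "Unknown ($a)" }
    }
}
"ASR rule $RuleId state: $state"

# A folder-scoped exception like the one described above would be listed here
# if it was set through Defender preferences (assumption: policy tooling may differ).
"ASR exclusions currently set:"
$pref.AttackSurfaceReductionOnlyExclusions |
    Where-Object { $_ } |
    ForEach-Object { "  $_" }

# Event 1121 = rule blocked an action, 1122 = rule fired in audit mode.
$filter = @{
    LogName = 'Microsoft-Windows-Windows Defender/Operational'
    Id      = 1121, 1122
}
"Recent ASR events for this rule that mention MSACCESS.EXE:"
Get-WinEvent -FilterHashtable $filter -MaxEvents 200 -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -match $RuleId -and $_.Message -match 'MSACCESS\.EXE' } |
    Select-Object -First 5 TimeCreated, Id, Message |
    Format-List
```

The event messages show which child process Access tried to start and from which path, which is what an IT group needs to scope an exclusion to a single folder rather than to all of Access.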

hecon5 commented 1 month ago

Your IT group may also be interested in this: https://github.com/joyfullservice/msaccess-vcs-addin/wiki/Security-Considerations

hecon5 commented 1 month ago

Did you resolve this? If so, can you close the issue? If there's more to be determined on the add-in side, we can troubleshoot.

damorinCan commented 1 month ago

Yes, we found another way around it; it's to run the 'cmd' file to complete the installation.

Thanks.

hecon5 commented 1 week ago

@damorinCan, can you close this if it's fixed?

damorinCan commented 1 week ago

Done.

hecon5 commented 1 week ago

Thanks!