16/11/2020

Limit Office 365 Telemetry with this undocumented setting

Office 365, just like Microsoft Windows, Microsoft Office and other Microsoft products collect and submit telemetry data to Microsoft servers by default. Only a few options to limit data collection are provided to most users of Windows and other Microsoft products; Enterprise customers do get more options. When it comes to Office 365, there is an undocumented setting that administrators may set on Windows devices to limit telemetry.

The setting was revealed by Aleksandar Milenkoski on Twitter. Milenkoski analyzed telemetry in Microsoft Office and published a report about his findings for the German Federal Office for Information Security. The English version of the report is available as a PDF document that you can download / view with a click on this link. It includes a treasure trove of information about telemetry in Office, including an entire chapter on disabling the output of diagnostic data. The chapter lists Microsoft endpoint servers that telemetry data is submitted to and an undocumented Registry setting that will limit telemetry when enabled.

Here is what needs to be done:
  1. Use Windows-R to open the run box on the Windows system.
  2. Type regedit.exe and click OK to load the Registry Editor.
  3. Confirm the UAC prompt if it is displayed.
  4. Go to HKEY_CURRENT_USER\Software\Policies\Microsoft\office\
  5. common\clienttelemetry\.
  6. Create missing keys by right-clicking on the previous key and selecting New > Key. Name them according to the path information.
  7. Right-click on clienttelemetry and select New > Dword (32-bit) Value.
  8. Name it DisableTelemetry.
  9. Set its value to 1 to disable some of the data collecting that goes on normally.

Milenkoski notes: "Setting the registry value HKEY_CURRENT_USER\Software\Policies\Microsoft\office\ common\clienttelemetry\DisableTelemetry to 1 disables the Aria and Nexus Office telemetry modules (see Section 2). For example, if DisableTelemetry is set to 1, Office applications do not load the
MSOARIANEXT.dll library file, which implements Aria (see Section 2.1)"

He goes on to note that the setting does not impact Office functionality.

Not all data collecting is disabled when the Registry value is set to 1. However, it disables the output of diagnostic data only from the Aria and Nexus Office telemetry modules. It does not disable, for example, the output of diagnostic data produced by connected experiences, sent to Microsoft by Windows telemetry modules (see Section 2). For example, when DisableTelemetry is set to 1, OLE32 Extensions for Win32 still sends diagnostic events to hubblecontent.osi.office.net/contentsvc/api/telemetry when a user uses the Insert Icon connected experience in Word.

The undocumented Registry setting cannot be configured using the Group Policy editor. Milenkoski lists policies that are relevant for limited telemetry as well in the document.

https://www.ghacks.net/2020/11/15/limit-office-365-telemetry-with-this-undocumented-setting/

No comments :

Post a Comment