MS Office deactivation

[You Need a Thneed]

I have a computer that I have been using for years, it always had a full version of MS Office installed on it (2008? I think).

Somewhere along the way, Office thought it wasn’t registered, (maybe on windows 10 install?).

Now it’s threatening to deactivate features on June 2 if not activated. How can I find an old product key to enter, or get around this?

[Hemi-Cuda]

KMSpico might be what you need...

On a related note, if you work for a company that subscribes to Microsoft 365 or Office 365, they give you a 5 computer license for the Office suite. So including your work computer, you could install office on 4 other machines without paying anything, you just register the app with your work email and password

[Wormius]

Quote:

Originally Posted by Hemi-Cuda

KMSpico might be what you need...

On a related note, if you work for a company that subscribes to Microsoft 365 or Office 365, they give you a 5 computer license for the Office suite. So including your work computer, you could install office on 4 other machines without paying anything, you just register the app with your work email and password

I am not sure I’d want company owned Microsoft products on my personal PCs. There’s a bunch of admin / boss features that could be enabled.

[TorqueDog]

Quote:

Originally Posted by Wormius

I am not sure I’d want company owned Microsoft products on my personal PCs. There’s a bunch of admin / boss features that could be enabled.

In some rare instances (depends on the company you work for), you can't even log into the apps for activation purposes unless you register the PC with Intune / AAD. I personally can't log into Teams on my personal workstation using a browser or the app unless I use my corporate credentials for both the Edge browser profile and allow corporate management via Intune of my personal machine. That's a big nope from me, so I buy my own copy.

[DoubleF]

Quote:

Originally Posted by Wormius

I am not sure I’d want company owned Microsoft products on my personal PCs. There’s a bunch of admin / boss features that could be enabled.

Dumb question, what can they do in such a situation? Most people save all sorts of personal passwords and information on corporate machines anyways, so what can be done beyond that?

Obviously it's some form of back door, but what can actually be done with this back door I have no clue. Some of those I've asked before basically treat any form of back door as a keylogger, risk of ransom ware, stealing and whatever boogeyman, but I honestly think they don't have a clue either. Others I've asked said it's unlikely a big deal, but also say that they're unlikely to bother with acquiring 25 non-expiring keys for like $100 on eBay and deploy it on all computers in a business if the company will pay for it anyways.

Again, no explicit reason "why".

I've seen a situation where an IT company registered the 365 keys under their own name that the customer paid for and called it "convenience, so they didn't have to track too many keys across different companies" and explained to non-tech savvy people that as long as the program was installed on their computer, all was fine and they got what they paid for. I made sure to get the client to have the contract ended with them, but I have no idea what damage they could have done in the first place. Last I heard, that IT company got ransom wared to the point that they lost everything including the back ups for their clients. It was the dumbest thing I'd ever heard in my life and somehow, these guys are still in business!

[Wormius]

^^^ I am not sure how much a boss or somebody snooping from your company could see. I had admin privileges in Office 365 and I could see all of the employee stats for all of the Office apps and extensions used: where they were logging in from, how many emails they received and sent, app usage. I didn’t delve into it very far, but on the surface it seemed like a bunch of stuff for employees performance metrics. I don’t care too much because I don’t do anything non-work related on my work pc, so if the boss could see I spent 2 hours researching something in Edge I wouldn’t mind - but if it combined my home pc Edge browsing behaviour or some personal documents prepared in Word, because my Office software was linked to a company email address, I’d be concerned.

I don’t keep or do any personal stuff on my work pc. If I am on, say, Calgarypuck, I use my phone and do it on my own data plan.

Maybe none of that is possible and I am just being paranoid. I wouldn’t want to risk it just to get some free software though. OpenOffice is pretty decent and you can find OEM licenses of some older Office software on Amazon for a good deal. I personally prefer the non-cloud based Office whee it wasn’t pestering you about using OneDrive whenever you wanted to create new documents or spreadsheets.

[Hack&Lube]

IIRC Microsoft Office Online is offered for free now by Microsoft and for most needs, it can do everything the old desktop versions can do plus you can use it anywhere in any browser and your work is saved in the cloud.

https://www.microsoft.com/en-us/micr...ne-for-the-web

[Hemi-Cuda]

Quote:

Originally Posted by Wormius

^^^ I am not sure how much a boss or somebody snooping from your company could see. I had admin privileges in Office 365 and I could see all of the employee stats for all of the Office apps and extensions used: where they were logging in from, how many emails they received and sent, app usage. I didn’t delve into it very far, but on the surface it seemed like a bunch of stuff for employees performance metrics. I don’t care too much because I don’t do anything non-work related on my work pc, so if the boss could see I spent 2 hours researching something in Edge I wouldn’t mind - but if it combined my home pc Edge browsing behaviour or some personal documents prepared in Word, because my Office software was linked to a company email address, I’d be concerned.

I don’t keep or do any personal stuff on my work pc. If I am on, say, Calgarypuck, I use my phone and do it on my own data plan.

Maybe none of that is possible and I am just being paranoid. I wouldn’t want to risk it just to get some free software though. OpenOffice is pretty decent and you can find OEM licenses of some older Office software on Amazon for a good deal. I personally prefer the non-cloud based Office whee it wasn’t pestering you about using OneDrive whenever you wanted to create new documents or spreadsheets.

Those performance metrics are per app, and they only track if someone is actually using the apps, not what they're doing with them

https://docs.microsoft.com/en-us/mic...o365-worldwide

No one can see your browsing history because you activated office at home

[Galakanokis]

I believe Intune would be required "to see" what a user is doing. I used it extensively at my old company, any company phone, tablet or laptop had it. It will show what the admin has access to though. It was used for remote administration around the device being lost. I don't believe anything in M365 has that level of control so not much to worry about using a corporate subscription on a personal device.

[Hemi-Cuda]

Quote:

Originally Posted by Galakanokis

I believe Intune would be required "to see" what a user is doing. I used it extensively at my old company, any company phone, tablet or laptop had it. It will show what the admin has access to though. It was used for remote administration around the device being lost. I don't believe anything in M365 has that level of control so not much to worry about using a corporate subscription on a personal device.

Even Intune (or MDM or whatever Microsoft calls it now) can't see browsing history or detailed app data. It's main function is security, admins can lockdown devices so only certain approved apps can be installed, remotely wipe lost devices, push apps to devices, etc. They can't see your browsing history though or data from any non-Microsoft apps. The only ones who can see what sites you visit are the networking folks who manage the corporate firewalls, so if you're paranoid or you just work for a really uptight company just don't do personal browsing on the company network

[TorqueDog]

Yeah, it isn't really a back-door. A back-door suggests you aren't being made aware of it, and right off the bat, you will / may be prompted to authorize corporate management of your machine (or click the 'Allow management of this app only').

The result of allowing machine management means the company can dictate if you are required to install certain updates within a specified timeframe, update software that is out of date or contains a known vulnerability, etc. Whether at the document or machine level, this management can also mean that you get information rights management applied to your documents by default, so you need to ensure you change the sensitivity label to whatever the "non-business, don't touch my stuff" option is, provided your company has configured one to begin with.

It is not the boogeyman, but nor is it something to be taken lightly.

[DoubleF]

Quote:

Originally Posted by TorqueDog

Yeah, it isn't really a back-door. A back-door suggests you aren't being made aware of it, and right off the bat, you will / may be prompted to authorize corporate management of your machine (or click the 'Allow management of this app only').

The result of allowing machine management means the company can dictate if you are required to install certain updates within a specified timeframe, update software that is out of date or contains a known vulnerability, etc. Whether at the document or machine level, this management can also mean that you get information rights management applied to your documents by default, so you need to ensure you change the sensitivity label to whatever the "non-business, don't touch my stuff" option is, provided your company has configured one to begin with.

It is not the boogeyman, but nor is it something to be taken lightly.

So it's not really a back door or stealing of sensitive information per se, but if you use "their tool" to create something, they can technically attempt to claim that creation in corporate property or something strange like that?

So it's less computer vulnerability even with the ability to push updates and a little more of an odd legal ownership vulnerability of things created using the software they own? Huh... interesting. Thanks for the explanation.

This doesn't completely help me understand how to completely explain that those $5 license codes of M365 on eBay aren't a good idea on personal and non-key work computers. I wish I knew what key words to look into to research this further.

[TorqueDog]

Quote:

Originally Posted by DoubleF

So it's not really a back door or stealing of sensitive information per se, but if you use "their tool" to create something, they can technically attempt to claim that creation in corporate property or something strange like that?

So it's less computer vulnerability even with the ability to push updates and a little more of an odd legal ownership vulnerability of things created using the software they own? Huh... interesting. Thanks for the explanation.

This doesn't completely help me understand how to completely explain that those $5 license codes of M365 on eBay aren't a good idea on personal and non-key work computers. I wish I knew what key words to look into to research this further.

Not quite; it's just that sensitivity labels are applied by default. This is because the assumption is you are using corporate tools for corporate stuff, and most people forget to apply a label at all if one isn't already set by default.

In order to use the company's license for Office 365, you have to use your corporate credentials to activate it. With those credentials, it will also connect to the corporate SharePoint and OneDrive for Business to ensure your documents are available -- again, it assumes you're using corporate tools for work -- which means the ability to open corporate documents on that endpoint, thus the requirement for ensuring the system is secure and can work with IRM sensitivity labels, which I think is a justifiable one on the company's end. I just don't think -- as an end user -- I would be willing to submit to any level of control over my personal PC to my company just so I can use a word processor.

As the user you can only allow it to control just the app in most instances (a 'zero trust'-type configuration will not allow it), but it will still enable IRM sensitivity labels and you'll want to make sure you flag your documents as 'Non-business' or whatever the 'not encrypted, no rights revocation' option is; the default is 'General' which applies a basic IRM policy.

Those $5 codes aren't a good idea because they're usually stolen VLK / MAK keys and your copy can go -poof- if the contract to which the license key is associated gets revoked. If they're NOS Office perpetual licenses, that's different, then you're just getting an old copy of standalone Office suite that someone couldn't sell.