Technology Tips and News
since a recent a MS update I keep getting a prompt as shown below:
on investigation this seems to be pointing to an MS website http://office14client.microsoft.com/config14?UILCID=1033&CLCID=1033&ILCID=1033&HelpLCID=1033&App={E72E0D20-0D63-438B-BC71-92AB9F9E8B54}&build=14.0.7147 which is not SSL either.
This prompt occurs 4 times then does not appear again until the computer is rebooted.
Has anyone else experienced this and if so how did you stop it from happening.
Hi Aidan,
Do you mind telling me from what version you update to what version? From Office 2010 to Office 2013?
From what you have discribed, seemed authentication issue, we may try steps below refer from KB2123563:
Chloe,
Sorry for the delay in replying, we've been swamped. We've changed the reg key you refer to and the behaviour has changed: previously, we had 4 alerts pop up for Outlook which were username/password boxes for our proxy gateway for outbound traffic, while the other Office apps were simply showing the error originally identified. With this reg change, all Office apps are now showing the proxy gateway authentication box. But the original intent was to find a way to prevent this in-the-background traffic from trying to get to the Web in the first place. We don't want users downloading anything from the Web to use internally, so this automatic attempt by Office components to pull down info from MS should be turned off. If it's always been happening we haven't been aware, but since the April update cycle it's been plaguing us.
How do we suppress all calls to the Web in Office 2010/2013?
Hi Aidan:
Before apply above step, there's one more step to be taken:
Windows Vista, Windows 7, and Windows 8Then Modify keys below as mentioned in above step:
For Office 2010 HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\InternetSorry for the inconvient. Please try and let me know the result, thank you.
Hi Aidan:
Before apply above step, there's one more step to be taken:
Windows Vista, Windows 7, and Windows 8Then Modify keys below as mentioned in above step:
For Office 2010 HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\InternetOn the Edit menu, point to New, and then click DWORD Value.
Sorry for the inconvient. Please try and let me know the result, thank you.
Hi Aidan:
Before apply above step, there's one more step to be taken:
Windows Vista, Windows 7, and Windows 8Then Modify keys below as mentioned in above step:
For Office 2010 HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\InternetOn the Edit menu, point to New, and then click DWORD Value.
Sorry for the inconvient. Please try and let me know the result, thank you.
Hi Aidan:
Before apply above step, there's one more step to be taken:
Windows Vista, Windows 7, and Windows 8Then Modify keys below as mentioned in above step:
For Office 2010 HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\InternetOn the Edit menu, point to New, and then click DWORD Value.
Sorry for the inconvient. Please try and let me know the result, thank you.
Hi Aidan:
Before apply above step, there's one more step to be taken:
Windows Vista, Windows 7, and Windows 8Then Modify keys below as mentioned in above step:
For Office 2010 HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\InternetOn the Edit menu, point to New, and then click DWORD Value.
Sorry for the inconvient. Please try and let me know the result, thank you.
Hi Aidan:
Before apply above step, there's one more step to be taken:
Windows Vista, Windows 7, and Windows 8Then Modify keys below as mentioned in above step:
For Office 2010 HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\InternetOn the Edit menu, point to New, and then click DWORD Value.
Sorry for the inconvient. Please try and let me know the result, thank you.
Hasn't changed anything. We still get the proxy login popup whenever an Office component is opened, and Wireshark shows packets being sent to our proxy when we don't want them to. Original reference to 'updates' was talking about WSUS updates to our Office 2010 clients. Problem began with April cycle, and May has been applied since then with no change.
How do we stop those packets going to 'Office14client.microsoft.com' every time we open an Office app?
Hi Aidan:
If modifying registry key didn't solve your problem, please revert the change first.
As you mentioned, the issue occured after an update. Do you mind telling me the KB number? If we uninstall the update, will it solve the problem?
Regarding your last reply, is this what you see when you lunch to Office App:
Id this is the case, please refer to KB3066062. Please try it on one machine first, see if it can solve your problem.
Let me know the result, thank you.
Monday showed no change, problem persists. Ref your query about 'the update', we'd uninstall it if we could figure out which one caused this. Here's the list of all Win7 and Office update KB numbers applied to our clients on 30 Apr in ascending order (not order of install):
KB890830
KB2553428
KB2881021
KB2881025
KB2881026
KB2956084
KB2956190
KB2956191
KB2965204
KB2965235
KB2965295
KB2965299
KB2990214
KB3013531
KB3020370
KB3037574
KB3037581
KB3038314
KB3042553
KB3045685
KB3045999
KB3046269
KB3046306
KB3046482
KB3048761
We also have May updates applied, but behavior hasn't changed for this issue. We researched the Apr KB articles (one wasn't available) and can't see anything obvious. Removed 2 (2881026 and 2956191) also no help. More suggestions?
Hi Aidan:
Thanks for the update, let's hold on removing updates at the moment.
Do you mind to help me with some information?
If you just want to disable auto-update, please try this solution: Open any Office feature -> File -> Trust center ->Trust Center Setting -> Privacy Options -> enable "Allow Office to connect to Internet".
Let me know the result and provide me the information above. Thank you.
Hi Aidan:
Thanks for the update, let's hold on removing updates at the moment.
Do you mind to help me with some information?
If you just want to disable auto-update, please try this solution: Open any Office feature -> File -> Trust center ->Trust Center Setting -> Privacy Options -> enable "Allow Office to connect to Internet".
Let me know the result and provide me the information above. Thank you.
Hi Aidan:
Thanks for the update, let's hold on removing updates at the moment.
Do you mind to help me with some information?
If you just want to disable auto-update, please try this solution: Open any Office feature -> File -> Trust center ->Trust Center Setting -> Privacy Options -> enable "Allow Office to connect to Internet".
Let me know the result and provide me the information above. Thank you.
Hi Aidan:
Thanks for the update, let's hold on removing updates at the moment.
Do you mind to help me with some information?
If you just want to disable auto-update, please try this solution: Open any Office feature -> File -> Trust center ->Trust Center Setting -> Privacy Options -> enable "Allow Office to connect to Internet".
Let me know the result and provide me the information above. Thank you.
Hi Aidan:
Thanks for the update, let's hold on removing updates at the moment.
Do you mind to help me with some information?
If you just want to disable auto-update, please try this solution: Open any Office feature -> File -> Trust center ->Trust Center Setting -> Privacy Options -> enable "Allow Office to connect to Internet".
Let me know the result and provide me the information above. Thank you.
Chloe, the only event log entries I see repeat the text I'm seeing on-screen, which are 'Access to this web server is disabled by default because it is controlled by basic authentication and does not use Secure Sockets Layer (SSL). Do you want to search the Microsoft Online Support Center to view possible solutions?'
Your question #2: we have never enabled 'auto-update' since we use an internal WSUS server for all our MS updates. Regarding the Privacy Options, tho, I think we may be on to something. I've verified/cleared all 7 of the tick boxes at your path 'File -> Trust center ->Trust Center Setting -> Privacy Options ->', but don't see the one you mentioned (but YES, that's what we want to do!) Once that's done as an admin and I reboot, then log in as a user OR an admin, I'm not seeing the alerts. But these settings are not available in the GP templates, so far as I can see. In addition to those 7, we also want to clear the box for 'Use online dictionary', but that appears to be a per-application entry, also not apparently covered by the Office GP template.
If this still works in the morning I'll let you know. Any chance of getting the reg keys for these settings so we can clear them using GP Preferences?
Once that's done as an admin and I reboot, then log in as a user OR an admin, I'm not seeing the alerts.
Hi Aidan:
Do you mind to tell me what action was taken as an admin? The registry keys controlling this is in my first reply.I haven't found any GPO to set this yet.
For Privacy setting of Office is: File-> Trust center ->Trust Center Setting -> Privacy Options -> Uncheck connect to Office.com.........
If your action is working, please ignore above solution and do please share your solution.
Keep me posted, thank you.
Sorry, Chloe, but all actions taken thus far have been as an admin unless otherwise specified. But I've just checked once more, and the nag boxes for proxy login are STILL appearing as soon as an Office app is opened. The delay is that, whether I acknowledge those boxes for that app, or simply close them using the red X in the window corner, those boxes don't re-appear for that app until the next day, so there's some sort of caching going on. Simply logging off and rebooting the client PC doesn't have any effect, it appears to be a time-based issue which suggests a settings cache.
And yes, the Privacy Options setting of 'Connect to Office.com for...' is unchecked, as are all the other tick boxes on that screen. So we're no further ahead.
Hi Aidan:
Thanks for the update. It's quite a long thread now. Let me put the information we've got together, if there is any misunderstandings, feel free to correct me.
1. Issue started after an update and only with Outlook, reboot can fix the issue.
2. After changing registry keys, SSL window prompted for all Office Feature.
3. Revert registry changes, "Once that's done as an admin I still have some confusion about this, once what's done as admin? Prevent the nag window from prompting out.
4. It appear again but only one time when you lunch Office feature the first time in a day. Close/ACK the window will make it disappear.
Now I will need more information regarding this:
Meanwhile, we can try following steps to narrow the issue down further:
Note: This is not recommended, if it didnt work, revert it at once.
Please keep me posted, thank you.
Chloe, I agree it's a long thread, let me address your 4 summary statements:
1. Issue started after the April WSUS update cycle, affects ALL Office apps, but manifested differently (Outlook gave Proxy login window, other apps showed SSL error). Wireshark showed 4 outgoing requests to 'office14client.microsoft.com' which is ultimately what we wish to stop. We don't have a problem accessing the Internet at need, the problem is we don't want Office trying to do it on it's own!
2. After changing reg keys, Proxy login now shows for all Office apps including Outlook, so at least it's more consistent behaviour, but Wireshark still shows the unwanted outgoing packets to the URL.
3. I am a network/systems admin at a customer site, all investigation/troubleshooting have been on a workstation in our Development system so as not to affect Production users.
4. Every change so far has not altered the basic behaviour: for each app opened, some popup box appears, 4 times, one at a time. So you get it 4 times for Outlook, 4 times for PowerPoint, 4 times for Excel, etc. When you close all 4 boxes for that app, you don't see them any other time you open that app again for the rest of the day. But the next day it starts all over again.
More information answers:
1. All logins are performed locally using user or domain admin accounts as appropriate. Issue manifests on all logins.
2. Every user sees this on their workstations, admins see this on any workstation or server that has Office 2010 installed.
3. We are using a domain system which is not allowed unrestricted access to the Internet. There is a heavily filtered web proxy in place, and routing is working to get user traffic to the proxy portal as needed. Because of the sensitive nature of the environment we're in, we don't want Office apps to try and contact any download sites for any reason. Since the user isn't manually initiating the connection, the calls to that URL should not be happening in the first place.
Steps to narrow it down further:
1. Performing a 'clean boot' per your link prevents any domain credentials from being used, so only local machine admin can log on, and the local admin cannot attempt to connect to the web proxy at all, so the nag boxes don't appear when using Office apps.
2. Office Safe mode on a normally-booted system makes no difference, same nag boxes appear.
3. Users do not have access to Internet Options, so cannot save proxy credentials. Admins can see the settings but cannot change them, as they're locked down by Group Policy. We don't want the outgoing Office web traffic to be allowed in the first place, so this is a wasted step.
Final items: Trusted Sites manipulation, etc. Not going to happen. We can access the Internet whenever we want, comms to the Web is NOT the problem. We want to prevent Office from trying to contact the Web on it's own.
Hi Aidan:
Thanks for the update. It's quite a long thread now. Let me put the information we've got together, if there is any misunderstandings, feel free to correct me.
1. Issue started after an update and only with Outlook, reboot can fix the issue.
2. After changing registry keys, SSL window prompted for all Office Feature.
3. Revert registry changes, "Once that's done as an admin I still have some confusion about this, once what's done as admin? Prevent the nag window from prompting out.
4. It appear again but only one time when you lunch Office feature the first time in a day. Close/ACK the window will make it disappear.
Now I will need more information regarding this:
Meanwhile, we can try following steps to narrow the issue down further:
Note: This is not recommended, if it didnt work, revert it at once.
Please keep me posted, thank you.
Hi Aidan:
Thanks for the update. It's quite a long thread now. Let me put the information we've got together, if there is any misunderstandings, feel free to correct me.
1. Issue started after an update and only with Outlook, reboot can fix the issue.
2. After changing registry keys, SSL window prompted for all Office Feature.
3. Revert registry changes, "Once that's done as an admin I still have some confusion about this, once what's done as admin? Prevent the nag window from prompting out.
4. It appear again but only one time when you lunch Office feature the first time in a day. Close/ACK the window will make it disappear.
Now I will need more information regarding this:
Meanwhile, we can try following steps to narrow the issue down further:
Note: This is not recommended, if it didnt work, revert it at once.
Please keep me posted, thank you.
Hi Aidan:
Thanks for the update. It's quite a long thread now. Let me put the information we've got together, if there is any misunderstandings, feel free to correct me.
1. Issue started after an update and only with Outlook, reboot can fix the issue.
2. After changing registry keys, SSL window prompted for all Office Feature.
3. Revert registry changes, "Once that's done as an admin I still have some confusion about this, once what's done as admin? Prevent the nag window from prompting out.
4. It appear again but only one time when you lunch Office feature the first time in a day. Close/ACK the window will make it disappear.
Now I will need more information regarding this:
Meanwhile, we can try following steps to narrow the issue down further:
Note: This is not recommended, if it didnt work, revert it at once.
Please keep me posted, thank you.
Hi Aidan:
Thanks for the update. It's quite a long thread now. Let me put the information we've got together, if there is any misunderstandings, feel free to correct me.
1. Issue started after an update and only with Outlook, reboot can fix the issue.
2. After changing registry keys, SSL window prompted for all Office Feature.
3. Revert registry changes, "Once that's done as an admin I still have some confusion about this, once what's done as admin? Prevent the nag window from prompting out.
4. It appear again but only one time when you lunch Office feature the first time in a day. Close/ACK the window will make it disappear.
Now I will need more information regarding this:
Meanwhile, we can try following steps to narrow the issue down further:
Note: This is not recommended, if it didnt work, revert it at once.
Please keep me posted, thank you.
Hi Aidan:
Thanks for the very detailed information. I've read the whole thread and checked those updates you listed and found KB2956191 was released for this issue orignally. Please read this through and download the update correspondingly, install it again.
Let me know if this works.
The KBupdate you provided must be the culprit, then, because we didn't have this issue until after the April update cycle. Our install date for the updates I listed was 21 Apr. But the update won't re-install from the downloaded exe because it thinks it's already installed. Our WSUS server shows both the 32- and 64-bit versions having been approved and installed in April, so I'm guessing something has corrupted it, but that means it's been corrupted on every install in our domain. I can't find the update listed in the PC's 'Programs and Features' update listing, nor can I find it in the reg key which records uninstall info. But I have found the WindowsUpdateClient record of the successful install on 21 Apr. It was the 8th of 21 updates applied that day.
Any suggestions on how I remove the update when I can't find a handle to remove it with? I'll have to remove it before I can reinstall it.
Hi Aidan:
I've read the thread once again, and I noticed this: "Wireshark showed 4 outgoing requests to 'office14client.microsoft.com' which is ultimately what we wish to stop"
Based on this sentence, I assume that the Office on those workstations were still trying to connect 'office14client.microsoft.com' .So one idea came up to me. Though I understand the auto update has been disabled in your environment, let's try to disable it by modify one registry key following steps below:
Meanwhile, I'd like you use process monitor(you can download from here) to capture what has been invoked when you open Word for example. You can open a file share to store the trace file and share me the location through mail to ibsofc@microsoft.com (please keep the thread url or tittle as the mail subject).
Steps of capture the process:
1. Double click Procmon.exe
2. Click Filter tab->from the top dropdown list, select process name ->condition "is" -> winword.exe
3. Open Word -> after the ssl window prompt and close the nag window. Please record the whole process.
4. Meanwhile do a wireshark trace or netmon trace simultaneously
5. Save the trace files in the shared location and share the path to me.
Hope we can find something this way.Thank you.
I'd already tried the Search box to find the update in the 'Installed Updates' dialog, no success. But if it had showed up there, that would indicate a reference in the Registry, and I can't find it there, either.
Office Repair didn't have an effect, either. And System Restore isn't an option, since we use centrally-deployed images and roaming profiles for our environment.
I've even tried deleting a user's profile data files (the NTuser.* files inside their profile) to make sure this isn't profile-based. It not only didn't solve the problem, but the nag boxes that appear for that user (trying Excel) are the original SSL warning boxes, not the proxy login ones. This is getting weirder.
Hi Aidan:
I've read the thread once again, and I noticed this: "Wireshark showed 4 outgoing requests to 'office14client.microsoft.com' which is ultimately what we wish to stop"
Based on this sentence, I assume that the Office on those workstations were still trying to connect 'office14client.microsoft.com' .So one idea came up to me. Though I understand the auto update has been disabled in your environment, let's try to disable it by modify one registry key following steps below:
Meanwhile, I'd like you use process monitor(you can download from here) to capture what has been invoked when you open Word for example. You can open a file share to store the trace file and share me the location through mail to ibsofc@microsoft.com (please keep the thread url or tittle as the mail subject).
Steps of capture the process:
1. Double click Procmon.exe
2. Click Filter tab->from the top dropdown list, select process name ->condition "is" -> winword.exe
3. Open Word -> after the ssl window prompt and close the nag window. Please record the whole process.
4. Meanwhile do a wireshark trace or netmon trace simultaneously
5. Save the trace files in the shared location and share the path to me.
Hope we can find something this way.Thank you.
Chloe, the reg key you've sent me to find, doesn't exist. Under HKLM\Software\Policies\Microsoft\, there is no Office subkey at all. The \Office\14.0\Common path is only found under HKLM\Software\Microsoft\Office\... Do you want me to create all the subkeys under '..Policies\Microsoft\...' to include the 'OfficeUpdate' key, or something different?
As for the traces, etc., there's nowhere to share that info for you to log into. Our system doesn't have any way for you to connect to us. Is there an FTP you'd like me to upload files to? I'll run them once we've done the reg change.
Hi Aidan:
1. Try the seach box on the Top-right connor, see if it can get the result.
2. Have you tried Office repair? If not, try Office repair, see if it can fix the issue.
3. The last thing I could think of is System Restore, but I'm not sure if this is an option for you.
Hi Aidan:
That mail is the only allowed way for us to collect information. If I don't have the trace I'm afraid I couldn't provide more input on this issue.
For the registry key, that's weird though. If it's not there please go ahead creating them. Before changing, make sure you do a backup of current registry.
Also, on another thought: you can delete the whole registry key set of office under HKCU\software\microsoft\Office(still remember to back up)->reboot your PC, it should be able to recreate the whole new set of Office registry keys.
As the limitation of forum support, I really suggest you to contact our premier support to solve your issue in a more sufficient way. Thank you for you understanding.
This topic is archived. No further replies will be accepted.
Other recent topics
Click here to get your free copy of Network Administrator. Over 25 plugins to make your life easier