Tip 981: Social Connector Triggers Security Alert

Update: This will be fixed in a future update. If you are affected by it and cannot change the security settings (such as in a corporate environment) the administrator can call Microsoft support for an updated certificate.

Microsoft released an update to Outlook's Social Connector and if you use the option to Apply macro security configuration to add-ins, a security alert comes up when Outlook loads. The alert tells you that Office has identified a potential security threat and lists the Social Connector dll. You are presented with 3 choices: Trust the certificate, Enable the add-in or disable it. When you choose the last two options, you'll need to respond to this dialog the next time you open Outlook.

The Lync ucaddin.dll is also affected by this bad certificate.

Outlook's Macro security alert comes up when it starts

This is the result of Microsoft using a new certificate to sign the files. Click Trust all documents from this publisher to accept and save the certificate.

Note that the new certificate is signed with an invalid digital signature. This should not prevent home or small business users from trusting the certificate and eliminating the dialog, however corporations with policies that require a valid signed certificate will not be able to accept the certificate or use the Social Connector.

This warning is triggered by the Add-in security setting in File > Options > Trust Center > Macro Settings. While you can disable this warning, trusting the new certificate will also work.

Change your macro security settings

When you click the Trust all documents from this publisher button, the certificate is added to your computer and listed in Outlook's Trusted Publisher list.

Certificates for Trusted Publishers

Published April 25 2012