For the unfamiliar, Microsoft Office Add-ins are extensions that end-users can install with most Microsoft Office products like Word, Excel, and Outlook. These extensions can support new media types, extend the user interface, or even integrate with third-party services (ex: Zoom or Wikipedia).
Like web browsing, the documents employees interact with within Microsoft Office are often incredibly sensitive and contain confidential information essential to the business or customers. Add-ins (depending on their permissions) have unprecedented access to documents and emails, allowing them to read or even alter their contents. While Microsoft does a reasonable job of vetting obvious malicious add-ins, there are sometimes cases where an add-in provides a service by transmitting parts or potentially all content in a document to the third-party serve (ex: Grammarly). These freemium services may be undesirable or potentially even violate the company's existing data sharing and privacy agreements like the GDPR.
To that end, we wanted to provide a way to easily enumerate these add-ins, their capabilities, and other relevant info, right in Inventory, for both Mac and Windows devices.
Every Office Add-in has a manifest file that gives us unique insight into the add-in capabilities, permissions, and type on both Mac and Windows devices. To view this information across the fleet, browse directly to the Microsoft Add-in section in Inventory.
There are many types of add-ins and specific capabilities associated with each. We encourage you to refer to the official Microsoft Office developer documentation to learn more about interpreting this data in Inventory.
In addition, Microsoft Office Add-ins join many other "installable" Inventory items in our global search. Here is an example of finding an add-in called "Wikipedia." You can also search for Add-ins by their unique identifiers.
Beyond collecting data from each endpoint, Kolide will also attempt to source data about the add-in from Microsoft's Add-in Store called Microsoft App Source. From there, we can pull essential data like the latest published version, the last release date, and the average rating.
We collect Microsoft Add-ins by default. If you don't want to collect this data from your devices, you can also use our new data collection opt-out feature.