Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Windows Defeneder - Block all Office Apps from creating child processes #2433

Open
sau001-petroineos opened this issue May 7, 2024 · 6 comments
Open

Windows Defeneder - Block all Office Apps from creating child processes #2433

sau001-petroineos opened this issue May 7, 2024 · 6 comments

Comments

@sau001-petroineos
Copy link

OS (e.g. Windows 10 or macOS Sierra)

Versions of xlwings, Excel and Python (e.g. 0.11.8, Office 365, Python 3.7)

xlwings 0.30.12
Python 3.9.7

Describe your issue (incl. Traceback!)

  1. We have an Excel addin that was developed on top of xlwings by an external contractor.
  2. This Excel addin calls an internal REST API via Python code.
  3. On some corporate deskops , we are seeing the following error message thrown by Windows Defender

image

Include a minimal code sample to reproduce the issue (and attach a sample workbook if required!)

Questions and concerns from our IT

  • Excel cannot be allowed to spawn CMD.EXE - because this is too generic and will open the gates for any malicious macros to execute scripts.
  • Why is xlwings spawning CMD.EXE ?
@fzumstein
Copy link
Member

It runs Python via cmd.exe. You can try to see if "RunPython: Use UDF Server" checked makes a difference. Or you can migrate to xlwings Server that gets rid of local Python and any VBA, but is part of xlwings PRO.

@sau001-petroineos
Copy link
Author

sau001-petroineos commented May 9, 2024
edited

Hello @fzumstein ,
Thanks for the quick response, I tested with RunPython: Use UDF Server being checked. However ,it did not make any difference. The aforementioned Windows Defender alert popped up in both cases.

May I ask - What is the technical reason for choosing CMD.EXE to launch Python.exe as opposed to launching Python.exe directly?

Thanks,
Sau

@fzumstein
Copy link
Member

I don't know of any other way than doing this via cmd.exe: https://github.com/xlwings/xlwings/blob/main/xlwings/addin/Main.bas#L270-L275

@sau001-petroineos
Copy link
Author

Hello @fzumstein ,

Your code makes sense.
image

I am pondering whether it makes sense to try and launch the Python process directly , i.e. without using cmd.exe /c .

I would like to do a small proof of concept to find the answer to the above question .

Thinking aloud - I could copy over your Main.bas in my personal Addin project. and make changes to the Wscript.Run arguments.

What do you think?

@fzumstein
Copy link
Member

Sure feel free! You're probably running into a problem with the LOG_FILE, which is used for error messages.

@sau001-petroineos
Copy link
Author

Ok. This is what I have done.

  • Created a new XLAM and added the file xlwings.bas as myxlwings
  • Added a new VBA function HelloWorld in this XLAM
  • Wired a new ribbon button to the VBA function HelloWorld
  • The function HelloWorld invokes the RunPython from myxlwings.bas (renamed as NewRunPython)

image

Problem

tab = wb.sheets.active.name throws an error.

image

Question

Why can't Python find the Active Sheet ? See line 9 above

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@fzumstein @sau001-petroineos