Security breach

Hello, performing various tests, I found a security breach.

Replacing the extension (.xls or .xlsm) by an unknown extension and open with Excel, the internal code runs without being verified by xls padlock (Do not allow loading/saving other workbooks); allowing me through code save the workbook with a new name in any location.

When we tried your approach, we were able to load another workbook with VBA code. It’s possible because we don’t completely disable file loading/saving in Excel for performance reasons (Excel needs temporary files).
However, trying to save the original compiled workbook as a new file failed. Is there something we are missing?
Anyway, if you properly use other protection features such as formula protection or VBA code compiler, even if someone manages to rip off the workbook, it will be useless.

The procedure was that caused this problem:

1. Open multiple workbooks (.xlsx) (>200MB)(Do not allow loading/saving other workbooks + Allow loading/saving other workbooks through VBA SetOption helper + VBA).
2. Stop running macro (Ctrl+pause, Ctrl+break, etc).
3. stopping the macro code could not be completed.

Example:
workbookExample = Application.GetOpenFilename(“Text Files (*.xlsx), *.xlsx”, MultiSelect:=true)
Set XLSPadlock = Application.COMAddIns(“GXLS.GXLSPLock”).Object XLSPadlock.SetOption Option:=“2”, Value:="0"
For i = lbound(workbookExample) to ubound(workbookExample)
Workbooks.Open Filename
------------------------------- Interruption macros -----------------------------------
pending code…………………………………
Next i
XLSPadlock.SetOption Option:=“2”, Value:=“1”

This action allowed to run a .xlsm file and copy the code protected book.
Tip: I would suggest allowing opening .xlsx files directly (without VBA code) and block all other files (.xlsm, xls, etc).

Thanks for the detailed procedure, so the problem exists if “Allow loading/saving other workbooks through VBA SetOption helper” is enabled. What does happen if you don’t enable it (which is the case by default)?

Disabling the option “Allow loading/saving other workbooks through VBA SetOption helper” I could not import file (.xlsx) to my application.

My application was developed for the purpose of importing matrices contained in files (.xlsx), process information using tools contained in my application and export them again in files (.xlsx).

Is there any other way to do this activity?

The solution would be allowing users to specify which files they want to block or not, based on a mask. But we must also allow temporary Excel files. If we implement the mask feature, do you think it will be OK for you?