Microsoft upgrades Office security by blocking VBA macros by default

Since then, there has been a bit of a delay The change was originally announcedbut this week Microsoft started rolling out an update to Microsoft Office that prevents Visual Basic for Applications (VBA) macros from being used in downloaded documents.

Last month, Microsft was testing the new default setting when it suddenly rolled back the update, “temporarily while we make some additional changes to improve usability”. Although said to be temporary, many experts worry that Microsoft may not proceed with changing the default setting, leaving systems vulnerable to attacks. Google Threat Analysis Group Leader, Shane Huntley chirp“Blocking Office macros would do infinitely more to defend against real threats than all of Intel’s Threat blog posts.”

The new default is now rolling out, but with updated language to alert users and administrators of the options they have when they try to open a file and it is blocked. This only applies if Windows, using the NTFS file system, notes that it was downloaded from the Internet and not from a network drive or location that administrators have determined as safe, and does not change anything on other platforms such as Mac and Office on Android/iOS or Office on web.


We are resuming rolling out this change in the Current Channel. Based on our review of customer feedback, we’ve made updates to both the end user and our IT admin documentation to clarify your options for different scenarios. For example, what to do if you have files on SharePoint or files on a network share. Please refer to the following documents:

• For end users, A potentially dangerous macro has been blocked

• For IT administrators, Macros from internet will be blocked by default in Office

If you enable or disable Prevent macros from running in Office files from the Internet policy, your organization will not be affected by this change.

While some people use scripts to automate tasks, hackers have abused this feature with malicious macros for years, tricking people into downloading and running a file to compromise their systems. Microsoft noticed how administrators Group Policy settings can be used in Office 2016 to block macros across their organization’s systems. However, not everyone turned it on, and attacks continued, allowing hackers to steal data or distribute ransomware.

Users who try to open files and are blocked will get a popup Send it to this page, explaining why they probably don’t need to open this document. It starts by running through several scenarios where someone might try to trick them into executing malware. If they really need to see what’s inside the downloaded file, the access methods are explained, which are all more complex than before, as users can usually enable macros by pressing a single button on the warning banner.

This change may not always prevent someone from opening a malicious file, but it does provide several more layers of warning before they can get there while still providing access to people who say they desperately need it.

#Microsoft #upgrades #Office #security #blocking #VBA #macros #default

Leave a Comment

Your email address will not be published.