Microsoft Disables Web Macros in Workplace Apps by Default to Block Malware Assaults

Microsoft on Monday stated it is taking steps to disable Visible Primary for Purposes (VBA) macros by default throughout its merchandise, together with Phrase, Excel, PowerPoint, Entry, and Visio, for paperwork downloaded from the net in an try and get rid of a whole class of assault vector.

“Dangerous actors ship macros in Workplace information to finish customers who unknowingly allow them, malicious payloads are delivered, and the influence could be extreme together with malware, compromised identification, information loss, and distant entry,” Kellie Eickmeyer stated in a publish asserting the transfer.

Whereas the corporate does warn customers about allowing macros in Workplace information, unsuspecting victims — e.g., recipients of phishing emails — can nonetheless be lured into enabling the characteristic, successfully granting the attackers the power to achieve an preliminary foothold into the system.

As a part of the brand new change, when a person opens an attachment or downloads from the web an untrusted Workplace file containing macros, the app shows a safety danger banner stating, “Microsoft has blocked macros from operating as a result of the supply of the file is untrusted.”

“If a downloaded file from the web needs you to permit macros, and you are not sure what these macros do, it’s best to most likely simply delete that file,” Microsoft cautions, outlining the safety danger of unhealthy actors utilizing macros.

That stated, customers can unblock macros for any downloaded file by right-clicking the file and choosing Properties from the context menu, and ticking the “Unblock” checkbox from the Common tab. The updates are anticipated to be utilized to Microsoft 365 customers in April 2022, with plans to backport the characteristic to Workplace LTSC, Workplace 2021, Workplace 2019, Workplace 2016, and Workplace 2013 at a “future date.”

The transfer arrives lower than a month after the Home windows maker disabled Excel 4.0 (XLM) macros, one other broadly abused characteristic to distribute malware, by default for shielding clients towards safety threats.