20.6 C
New York
Wednesday, September 28, 2022

Microsoft upgrades Office security by blocking VBA macros by default

There’s been some back and forth since the change was originally announced, but this week Microsoft began rolling out an update to Microsoft Office that blocks the use of Visual Basic for Applications (VBA) macros on downloaded documents. .

Last month, Microsft was testing the new default setting when it suddenly rolled back the update, “temporarily while we make additional changes to improve usability.” Although they said it was temporary, many experts feared that Microsoft would change the default setting, leaving systems vulnerable to attack. Shane Huntley, Head of Google’s Threat Analytics Group tweeted“Blocking Office macros would do infinitely more to defend against real threats than all the threat blog posts.”

Now the new default setting is rolling out, but with updated language to alert users and admins of the options they have when they try to open a file and it’s blocked. This only applies if Windows, using the NTFS file system, marks it as downloaded from the Internet and not a network drive or a site that administrators have marked as safe, and it doesn’t change anything on other platforms. forms like Mac, Office on Android/iOS or Office on the web.


We are resuming the rollout of this change to the current channel. Based on our review of customer feedback, we’ve updated our end user and IT admin documentation to clarify the options you have for different scenarios. For example, what if you have files on SharePoint or files on a network share. Please refer to the following documentation:

• For end users, a potentially dangerous macro has been blocked

• For IT administrators, macros from the Internet will be blocked by default in Office

If you have already enabled or disabled the Block macro execution in Office files policy from the Internet policy, your organization will not be affected by this change.

While some people use scripts to automate tasks, hackers have abused the feature with malicious macros for years, tricking people into downloading a file and running it to compromise their systems. Microsoft noted how administrators could use Group Policy settings in Office 2016 to block macros on systems in their organization. Yet not everyone activated it, and attacks continued, allowing hackers to steal data or distribute ransomware.

Users who try to open files and get stuck will receive a pop-up sending them to this page, explaining why they probably don’t need to open this document. It starts by walking through several scenarios where someone might try to trick them into running malware. If they really need to see what’s in the downloaded file, then it explains the ways to access it, all of which are more complicated than what happened before, where users could usually enable the macros by pressing a button in the warning banner.

This change doesn’t always prevent someone from opening a malicious file, but it does provide several additional layers of warnings before they can access it while still providing access to people who say they absolutely need it.

Related Articles


Please enter your comment!
Please enter your name here

Stay Connected


Latest Articles