After previously delaying while it worked on improving usability, Microsoft has now finally started blocking macros (opens in new tab) run on downloaded Office files.
IT administrators can now update their productivity suite and prevent their employees from running Visual Basic for Applications (VBA) macros in the same, simple and convenient way as before.
In a post-roll announcement, Microsoft explained what “enhanced usability” actually meant, and it seems it came down to the language of the warnings:
Tighten up security
“Based on our assessment of customer feedback, we’ve made updates to both our end users and our IT admin documentation to make it clearer what options you have for different scenarios,” explains Microsoft. “What to do if, for example, you have files on SharePoint or files on a network share. Please refer to the following documentation: For end users, a potentially dangerous macro has been blocked (opens in new tab); For IT admins, macros from the web are blocked by default in Office (opens in new tab).
If you’ve ever enabled or disabled the Block macros in Office Internet policy files, this change will not affect your organization.”
The changes only apply to Windows. If the NTFS system recognizes a file as downloaded from the Internet (as opposed to accessing it over a network or a site designated as safe by the administrator), it blocks the use of macros. Other platforms such as Mac, Office on Android/iOS or Office on the web will not be affected.
Macros have been a nightmare for most IT security administrators for years and one of the best weapons for cybercriminals.
While employees use them to automate various tasks, crooks hijack macros to trick victims into downloading malware, giving the threat actors unrestricted access to the target network. While these changes are not a panacea for macro-driven attacks, they are expected to significantly reduce the number of successful attacks.
- Here’s our list of the best antivirus programs (opens in new tab) solutions now
Via: The Verge (opens in new tab)