Knowledge base

February 18, 2022

Microsoft blocks Office VBA macros by default

A default change to improve security

Microsoft is finally planning to block Visual Basic for Applications (VBA) macros by default in several Office apps. The change applies to Office files downloaded from the Internet that contain macros, so Office users can no longer enable certain content with the simple click of a button.

The internet is apparently friendlier now than it has been for years

“The default setting is more secure and is expected to keep more users safe, including home users and information workers in managed organizations,” explains Kellie Eickmeyer , a chief executive officer at Microsoft.

Hackers have been targeting Office documents with malicious macros for years, and while Office has long asked users to click to disable macros, this simple button can lead to “serious malware, compromised identity, data loss, and remote access.” Instead of a button, a security risk banner appears with a link to a Microsoft support article, but not an easy way to enable macros.

Microsoft’s new security banner.

Microsoft plans to preview the change with its Current Channel (Preview) users in early April, before rolling it out to its regular Microsoft 365 customers. The change to block VBA macros from the web affects Access, Excel, PowerPoint, Visio, and Word on Windows. Microsoft also plans to update Office LTSC, Office 2021, Office 2019, Office 2016 and even Office 2013 to block internet VBA macros.

This is a major change that could affect many legitimate usage scenarios for VBA macros, and means that Office users can only enable the macros by specifically checking an unblock option on a file’s properties. That’s a lot more steps than usual, and ones that Microsoft hopes will help prevent security vulnerabilities in the future.

Evaluation flow for Office files with VBA macros and MOTW
Evaluation flow for Office files with VBA macros and MOTW Source: Microsoft

“Macros account for about 25 percent of all ransomware arrivals,” explains security researcher and former Microsoft employee Kevin Beaumont . “Keep de-risking macros and macro functions. It’s really important. Thanks to all the people behind the scenes who are doing this.” Marcus Hutchins, a security researcher best known for stopping the global WannaCry malware attack, also celebrated Microsoft’s changes , but noted that the company “decided to do the bare minimum” after years of malware infections. .

Source: theverge

Want to know more?

Get in touch

Related
blogs

View all blogs
Governance Microsoft 365
February 13, 2024

I see, I see what you don’t: resources and governance in Microsoft 365

Read more
Een heldere basis voor de uitrol van governance
January 09, 2024

Go Governance or Go Home

Read more
October 03, 2023

Managing Governance and Compliance in Microsoft 365

Read more
microsoft purview
October 02, 2023

Microsoft Purview: Your Solution for Data Protection and Compliance

Read more
October 01, 2023

Improvements in Microsoft Teams: What’s New.

Read more
September 30, 2023

Windows 11 22H2 Adds Key Manager to Windows Hello

Read more
OpenAI-Header-chatgpt-can-now-see-hear-and-speak
September 29, 2023

ChatGPT Can Now Speak, Listen and Analyze Images

Read more
September 28, 2023

End-to-End Encryption comes to Teams Rooms on Android

Read more
Microsoft Intune
September 27, 2023

Is the New Microsoft Intune Suite the Right Step for Your Business?

Read more
September 26, 2023

Microsoft Defender for the Cloud: Increased Multi-Cloud Data Protection

Read more

Tech Updates: Microsoft 365, Azure, Cybersecurity & AI – Weekly in Your Mailbox.