Microsoft yesterday announced that it will disable Visual Basic for Applications (VBA) macros by default in numerous products, mainly from the Office suite, to curb attacks through this vector.
Products affected by this decision include Excel, PowerPoint, Word, Visio and Access. The company’s decision doesn’t mean that macros will be unusable, but opening them in Office documents will come with a warning.
Threat actors often use macros in Office files to deliver malicious payloads by tricking unsuspecting victims into opening the documents and enabling the active content. While macros are not always bad, they should be handled with caution, particularly when the origin of the file is not known.
Upon downloading or opening an attachment or Office file containing macros, the app prompts the user with a security risk banner that reads: “Microsoft has blocked macros from running because the source of the file is untrusted."
However, users can still unblock macros easily by accessing the file’s properties (Right-click -> Properties) and checking “Unblock” in the General tab.
Until now, Microsoft has warned users about enabling macro content in their files by flashing a security warning banner at the top of the document. However, users could allow macro content by clicking the “Enable Content” button contained by the same banner.
The change will only affect users running Office on Windows devices and “will begin rolling out in Version 2203, starting with Current Channel (Preview) in early April 2022,” according to Microsoft’s announcement.
Microsoft also listed a series of recommendations for users who encounter the macro restrictions:
All things considered, if you downloaded a file with macros from the Internet and you’re unsure about the purpose of those macros, delete the file as soon as possible.
tags
Vlad's love for technology and writing created rich soil for his interest in cybersecurity to sprout into a full-on passion. Before becoming a Security Analyst, he covered tech and security topics.
View all postsDecember 19, 2024
November 14, 2024