Microsoft: Key Office apps will block macros by default


Microsoft announced today that five Office applications will, by default, block Visual Basic for Applications (VBA) macros obtained from the internet, a change long sought by many in the cybersecurity sector.

The change will start in April for Office 365 customers and is for Windows devices only, Microsoft said in a blog post. Other versions of Office will receive an update “at a future date to be determined,” the company said.

While macros are intended to help automate certain functions in Office documents, macros in email attachments have long been popular among attackers as a delivery mechanism for malware. A 2018 study by Cofense found that macros contained in Office documents accounted for 45% of all malware delivery mechanisms.

Microsoft acknowledged the issue in a post today, saying “bad actors send macros into Office files that inadvertently enable them” – leading to the delivery of malicious payloads. The impact, including malware, compromised identity, data loss and remote access, could be serious, Microsoft said.

In announcing its upcoming plans to disable all macros by default, Microsoft cited a number of challenges security professionals are currently facing – including cloud migration, securing remote workers and the ongoing epidemic.

“To protect our customers, we need to make it more difficult to enable macros in files retrieved from the Internet,” Microsoft said in the post.

Thus, “VBA macros obtained from the Internet will now be blocked by default,” the company said.

This change will cover the three most used Office apps (Word, Excel and PowerPoint) as well as Access and Visio.

“For macros in files retrieved from the Internet, users will no longer be able to enable content at the click of a button,” Microsoft said. “Defaults are more secure and are expected to protect more users, including information users in home users and managed organizations.”

The company said that with the change, “a message bar will appear to notify users with a button to learn more.”

Microsoft’s move to disable macros by default is “one of the best ways to prevent early access to malicious Office documents,” wrote Greg Linares, a research engineer at EE Digital Security, on Twitter.

Here are additional details about the change from Microsoft’s blog post:

The change will begin in Version 2203, starting with the Current Channel (Preview) in early April 2022. Later, the change will be available in the other update channels, such as the Current Channel, the Monthly Enterprise Channel, and the Semi-Annual Enterprise Channel.

We also plan to make these changes in Office LTSC, Office 2021, Office 2019, Office 2016, and Office 2013 at a later date.
