It looks like Microsoft is on a roll to block all sorts of ways and methods using which malware can infect a user's system.
Less than a week ago, the Redmond firm announced that it disabled MSIX AppX app-installers, and earlier today, hot on the heels of the announcement that it is restricting XLM macros last month, the company declared that it is also going to block Visual Basic for Applications (VBA) Macros in Office files obtained from the internet by default. This change will affect Access, Excel, PowerPoint, Visio, and Word files.
The rationale is pretty much the same here. To block these potentially harmful files since Macros are often used to distribute malware. For example, last year, we covered a story where a malicious "made on Windows 11" document was found using VBA macros to infect systems.
The announcement says:
VBA macros are a common way for malicious actors to gain access to deploy malware and ransomware. Therefore, to help improve security in Office, we’re changing the default behavior of Office applications to block macros in files from the internet.
While Microsoft already used to disable Macros, enabling it was easy before as all you had to do was click on the "Enable Content" option. However, now, it is making the process much more difficult by replacing that option with a "Learn More" prompt.
Clicking on the Learn More prompt will open this page on Microsoft's site where the company provides the way to enable macros on that file in case a user is absolutely sure the Office file is not malicious. The user will have to manually select "Unblock" on the said file's properties to gain access.
Source: Microsoft
6 Comments - Add comment