Sunday, May 19, 2024

Tech News, analysis, updates, comments, reviews

After some block and forth, Microsoft stops Office macros by default

Some attackers have used macros to corrupt Office files with ransomware.

The block is back.

Microsoft has disabled by default the oft-helpful, oft-malwared shortcuts known as macros. And it got confusing for a second. In February, Microsoft announced a block, then a rollback, then a clarification that the rollback was temporary, and now, finally, a rollout.

“To help improve security in Office, we’re changing the default behavior of Office applications to block macros in files from the internet,” according to a July 20 post from Microsoft.

Yay, macros! A macro is a small program or script, written in Visual Basic for Applications (VBA) and built to automate tasks in Office that would normally be done manually. With a macro, users can one-click their way through a number of efforts, like removing text wrap from an entire Excel spreadsheet, unmerging all merged cells, or saving a workbook with a time stamp in the name.

Nay, macros! Though macros can save time, they can also provide shortcuts for malware installation.

A Q1 2022 threat report from the managed detection and response provider Expel found that “threat actors used macro-enabled Word documents and zipped JavaScript files as the initial attack vector in 82% of all pre-ransomware incidents.” A February 2022 post from the software company Netskope revealed that 31% of all malware downloads blocked by the company were malicious Office files.

Now, according to the July 20 Microsoft post, macros from the internet will be blocked by default in Office, and when a reader opens a macro file, a security-risk warning will be displayed. While users are able to override the feature and enable macros if needed, the preselected setting is a step in the right direction, according to Roman Shain, information technology specialist at Nero Consulting.

“Microsoft is kind of helping everyone out in a way by saying, ‘Hey, look twice before crossing the street.’” Shain told IT Brew.


Please enter your comment!
Please enter your name here

Get notified whenever we post something new!


Migrate to the cloud

Make yourself future-proof by migrating your infrastructure and services to the cloud. Become resilient, efficient and distributed.

Continue reading

On-Premises vs. Cloud Security

As usual, we begin by championing cybersecurity. It stands as the foremost concern for organizations striving to safeguard their sensitive data and digital assets. Among the many strategies available, two dominant paradigms have emerged: on-premises security and cloud security....

Regulation Insights from Starlink’s in Zimbabwe

In recent times, the journey of Starlink, Elon Musk's ambitious satellite internet venture under SpaceX, has been marked by regulatory challenges, particularly in Zimbabwe. Meanwhile the Posts and Telecommunications Regulatory Authority of Zimbabwe (POTRAZ) issued a directive instructing Starlink...

How to Make the Internet More Safer – My Take

If you a follower of this blog, you already know our obsession with #cybersecurity. We believe in a safe Internet for all. We also believe that there is enough room, resources, and will for all of us to co-exist...

Enjoy exclusive discounts

Use the promo code SDBR002 to get amazing discounts to our software development services.