Microsoft Rescinds Decision To Block Office Macros

Share post:

Microsoft has rescinded its earlier announcement of automatically blocking VBA macros on downloaded documents by default until further notice.

The tech giant is mum on the reason behind this decision and has yet to make a public announcement to customers that VBA macros embedded in malicious Office documents will no longer be blocked automatically in Access, Excel, PowerPoint, Visio, and Word.

The change started to roll out in Version 2203, beginning with Current Channel (Preview) in early April 2022, with general availability to be reached by June of next year. 

This move was expected by many, as VBA macros are a popular method to shove a wide range of malware strains (including Emotet, TrickBot, Qbot, and Dridex) through phishing attacks via malicious Office document attachments.

With VBA macros blocked by default, there was high expectation that attacks that delivered malware will be automatically derailed.

Microsoft’s customers easily noticed that Microsoft turned back from making this change in the Current Channel on Wednesday, with the old ‘Enable Editing’ or ‘Enable Content’ buttons shown at the top of downloaded Office documents with embedded macros.

While the tech giant has not made public the negative backlash that led to the rescinding of this change, users said that they are unable to find the Unblock button to remove the Mark-of-the-Web from downloaded files, rendering it impossible to enable macros.

Furthermore, other admins felt that the decision makes it very challenging for end-users who would find it difficult to unblock files that they download every day, if not multiple times in a day.

For more information, read the original story in Bleeping Computer.


Related articles

Cyber Security Today, Week in Review for week ending Friday, June 21, 2024

Welcome to Cyber Security Today. This is the Week in Review edition for the week ending Friday June...

Cyber Security Today, June 21, 2024 – US to ban Kaspersky for businesses, consumers

U.S. to ban the sale of Kaspersky products to consumers and businesses. Welcome to Cyber Security Today. It's Friday...

Biden administration to ban US sales of Kaspersky software over ties to Russia

The Biden administration is set to announce a ban on the sale of Kaspersky Lab's antivirus software in...

Security bug may allow anyone to spoof Microsoft employee emails

A security researcher claims to have discovered a bug that enables anyone to impersonate Microsoft corporate email accounts,...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways