Microsoft Office is finally making this vital security change across Excel, Word and more

Say goodbye to macros in downloaded files

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Microsofthas announced a significant security policy change, decreeing that users will soon no longer be able to activate VBA macros in certain documents from five of its most popular Office apps.

When it finally pulls the plug, users will no longer be able to run any VBA macros inMicrosoft Word, Excel, Access, PowerPoint and Visio, for “untrusted” documents.

It seems that all files shared from outside the company network will be deemed “untrusted”, meaning all files coming from the same domain should still be able to keep their macros.

Macros - a super-useful liability

Macros are a big deal, for both businesses, and cybercriminals.

They are usually used to automate various tasks, such as importing or updating data coming from third-party sources. But the problem is that they can easily be abused by malicious actors to distributeransomware, malware, steal sensitive data, or for other nefarious deeds.

For years, cybercrime groups have been sharing macro-powered malicious Office documents, preying on gullible or exhausted workers. Payment receipts, warnings of failed payments, job offers, Covid-19 and vaccine information, are just some of the document types crooks would share to have people run macros and infect theirendpoints.

Microsoft to disable old-school macros to shield users from attacks>Microsoft Excel is making a big change to protect against malware>Hackers are weaponizing Excel documents to infiltrate corporate networks

Microsoft has tried to tackle the issue with a tentative solution - to disable the macros in downloaded files by default, and to leave the user with the option of activating it or not.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

However, as most people are not aware of the reason behind Microsoft’s decision to disable macros by default, they often end up enabling them after all.

Now, after years of pleads by various cybersecurity firms and experts, Microsoft has finally bit the bullet and gone for the extreme option of killing macros altogether.

The change is set to start in early April 2022, with Microsoft Office version 2203, which will be the public preview version.

Via:The Record

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

7 myths about email security everyone should stop believing

Best Usenet client of 2024

NYT Strands today — hints, answers and spangram for Sunday, November 10 (game #252)