- Microsoft has made plans to disable Excel 4.0 XLM macros by default.
- The move is geared toward protecting users from malicious documents.
- The change will take effect from mid-December.
Microsoft’s Excel feature XLM macro that has been enabling users to perform repetitive tasks and automate them has been in existence since 1992. Although it has served its users quite well, it has also had its own share of woes. The feature has been repeatedly used by attackers to launch XLM-based malware to control PCs.
Plans to disable
The issue which has been long-standing will now get a solution. The Redmond giant has made a move to also disable the Excel 4.0 macros in all of Microsoft 365. As an alternative, they are urging Excel users to switch to VBA macros. In addition, the setting ‘enable XLM macros when VBA macros are enabled’ will automatically be unchecked by default.
The change will only be available to end-users that are yet to configure the macro setting or those whose group policy is not configured by their tenant admins.
Three phases roll out
This change will take place in three phases. The first phase will be for the Office Insiders and is set to take place in October in preview builds. Then, it will expand in phases to the production machines expected at the end of the year.
According to Microsoft, this new move is expected to offer a more secure experience from malicious attacks. Qbot, TrickBot, and Dridex are just some of the well-known attackers. As the rollout commences, IT admins are advised to follow steps on this page to restrict XML macros in their organizations.
Do you think the move by Microsoft will improve security? Let us know in the comment section below.