Microsoft to block VBA macros by default


Key notes

  • Macros help Office users speed up various tasks but are also deemed to be a security threat, especially in downloaded files. Microsoft is taking action by disabling macros in Office by default.
  • The security risk from macros has become a big issue because many people now work remotely and rely mostly on cloud computing.
  • The new default is expected to be more secure and to protect users both at home and in offices. This information has been received well by the security community.

Microsoft is planning to disable macros by default in Office, which should help protect users from malicious attacks. The ability to run macros has been a staple of Microsoft’s Office suite for a long time, but it has also been a way for attackers to execute malicious code on computers. 

Macros allow people to automate common tasks by having scripts run when a document is opened, and they are often used by businesses to speed up the execution of repetitive jobs.

In its post on macro security, Microsoft explains how and why it is changing its policy on how macros are handled in Office. The reason for the move is the widespread exploitation of VBA macros by bad actors to spread malware.

Once you enable macros and run them, malicious code can access your system and start downloading malware. It’s a simple technique that can be very effective if it reaches enough people.

Macro security risk

The recent increase in the number of people working remotely and the general reliance on the cloud make companies more vulnerable than ever to security problems resulting from macros.

Microsoft warns that the prevalence of remote work and the cloud exacerbates the problem of macros as a security threat. Previously, Office files included active content such as macros that users could choose to enable or disable. 

Malicious actors now send end users Office files containing macros enabled by default; malicious payloads are delivered to users, and the impact can be severe, including malware, compromised identity, data loss, and remote access.

Security boost

The default setting for VBA macros obtained from the internet is now disabled. A message bar will appear for users notifying them of this change. 

This is expected to help keep more Microsoft users safe, including home users and information workers at managed organizations.

The update will first be available for users running Windows home and enterprise editions and then it will make its way to other channels.

This is where the new security measure comes in. As Microsoft explains in a blog post, Office VBA macros will now be disabled by default. A user who wants to run them will have to enable them manually from within the application’s settings.

Good news

The news has been received well by the security community, according to whom macros have been a cybersecurity threat for quite some time.

The small number of users who must run macros as a legitimate business function will still be able to do so.

However, the default behavior will change so that other people won’t be affected. This change is expected to greatly reduce the chances of harmful malware being delivered via phishing emails.

Microsoft plans to make the same change to its other Office products, though it has not yet announced a timeline for implementation.

What do you think about Microsoft's plan to disable macros in Office by default? Share your thoughts in the comment section.