Microsoft reverses Office macro blocking, which raises security concerns

What just happened? Microsoft recently changed Office’s default behavior to block a popular malware attack vector. The company has now reversed that decision, drawing the ire of security researchers and users. Microsoft intends to explain the rollback in-depth soon.

This week, a Microsoft spokesperson admitted that the company rolled back its decision to block downloaded macros in Office files. Some think the reversal will make office users more vulnerable to cyberattacks.

Hackers have often used macros — automated processes within Office files — as malware payloads. In February, Microsoft announced it would update most versions of Office on Windows so that, by default, they wouldn’t run macros in downloaded files, warning users of their security risks.

Sad decision. Blocking Office macros would do infinitely more to actually defend against real threats than all the threat intel blog posts.

I always see our main mission in threat intelligence is to drive the changes to protect people.

— Shane Huntley (@ShaneHuntley) July 8, 2022

So far, Microsoft has only said its reversal is in response to feedback and is preparing an update explaining the decision. However, some are disappointed that Microsoft backtracked before informing users.

Many users may have complained to Microsoft because they didn’t understand why their macros stopped working. One commentator on Microsoft’s website blamed the company for caving to uninformed users. Shane Huntley of Google’s Threat Analysis Group called the rollback a “sad decision,” saying informative blog posts wouldn’t be as effective as blocking macros by default.

To manually change macro settings, head to Options > Trust Center > Trust Center Settings. You should find multiple options to enable or disable macros with or without notifications or to enable macros only when they are digitally signed.

Microsoft Office Professional 2021 is currently on sale for $39. This lifetime license for one computer doesn’t require a subscription.

Read More

Leave a Comment