There’s been a little back-and-forth since the change was originally announced, but this week Microsoft began rolling out an update for Microsoft Office that allows the use of Visual Basic for Applications (VBA) macros on downloaded documents. prevents.
Last month, Microsoft was testing the new default setting when it suddenly rolled back the update, “temporarily while we make some additional changes to increase usability.” Despite saying it was temporary, many experts were concerned that Microsoft might not proceed with changing the default setting, leaving the system vulnerable to attacks. Shane Huntley, leader of the Google Threat Analysis Group tweeted“Blocking Office Macros will actually do infinitely more to protect against real threats than all the other Intel blog posts.”
Now rolling out the new default setting, but with updated language to alert users and administrators what options they have when they try to open a file and it gets blocked. This only applies if Windows, using the NTFS file system, notes it as a download from the Internet, not a network drive or site that the administrator has marked as safe, and it is compatible with Mac, Android But nothing is changing on other platforms like Office. Office on iOS, or the web.
We are resuming the rollout of this change in the current channel. Based on our review of customer feedback, we have made updates to both our end user and our IT admin documentation to clarify what options you have for different scenarios. For example, what to do if you have files on SharePoint or files on a network share. Please refer to the following documents:
• For end users, a potentially dangerous macro has been blocked
• For IT administrators, Macros from the Internet will be blocked in Office by default
If you have ever enabled or disabled Block Macros from Playing in Office Files from Internet Policy, your organization will not be affected by this change.
While some people use scripts to automate tasks, hackers have abused the feature for years with malicious macros, tricking people into downloading a file and running it to compromise their systems. Is. Microsoft noted how administrators can use Group Policy settings in Office 2016 to block macros in their organization’s systems. Still, not everyone turned it on, and attacks continued, allowing hackers to steal data or distribute ransomware.
Users who try to open files that are blocked will be sent a pop-up on this page explaining why they probably don’t need to open that document. It starts by walking through several scenarios where someone might try to trick them into executing malware. If they really need to see what’s inside the downloaded file, it explains the ways to gain access, which are more complicated than before, where the user usually presses a button in a warning banner. You can enable macros.
This change may not always prevent someone from opening a malicious file, but it does provide several more layers of warning before they can get there, while still providing access for people who say they absolutely need it. Is.