5.2 C
London
Sunday, December 4, 2022

Microsoft improves Office security by blocking default VBA macros

Must read

Sophia Hill and Taylor Watts have announced their engagement

Sophia hill and Taylor Watts of TikTok announced their engagement on social media on November 29, 2022.Sophia posted a few photos of the two...

Threats to protesters in Emmett Till rally lead to cancellation of Christmas parade in Kentucky

A Kentucky Christmas parade scheduled for Saturday has been canceled after authorities received threats against protesters at an Emmett Till rally on the same...

LastPass Hacked, OpenAI Opens Access to ChatGPT and Kanye Is Suspended From Twitter (Again) londonbusinessblog.com

Aaaaaah we're back! Now that our Thanksgiving mini-break is over, it's time for another edition of Week in Review - the newsletter where...

Fortnite’s latest live event was the strangest yet

Fortnite just wrapped up its most recent large-scale live event, and it was a strange one - even through Fortnite standards. The event,...
Shreya Christinahttps://londonbusinessblog.com
Shreya has been with londonbusinessblog.com for 3 years, writing copy for client websites, blog posts, EDMs and other mediums to engage readers and encourage action. By collaborating with clients, our SEO manager and the wider londonbusinessblog.com team, Shreya seeks to understand an audience before creating memorable, persuasive copy.

There has been some back and forth since the change was originally announced, but this week Microsoft started rolling out an update to Microsoft Office that blocks the use of Visual Basic for Applications (VBA) macros on downloaded documents.

Last month, Microsft was testing the new default when it suddenly rolled back the update, “temporarily while we make some additional changes to improve usability.” Despite saying it was temporary, many experts feared Microsoft wouldn’t go through with changing the default setting, leaving systems vulnerable to attacks. Google Threat Analysis Group Leader Shane Huntley tweeted“Blocking Office macros would do infinitely more to actually defend against real threats than any threat intelligence blog post.”

Now the new default setting is being rolled out, but with updated language to warn users and administrators what options they have when they try to open a file and it is blocked. This only applies if Windows, using the NTFS file system, marks it as downloaded from the internet and not as a network drive or site that administrators have marked as safe, and it doesn’t change anything on other platforms like Mac, Office on Android/ iOS or Office on the web.

Microsoft:

We resume the rollout of this change in Current Channel. Based on our assessment of customer feedback, we’ve made updates to both our end users and our IT admin documentation to clarify the options you have for different scenarios. For example, what to do if you have files on SharePoint or files on a network share. Refer to the following documentation:

• For end users, A potentially dangerous macro has been blocked

• For IT administrators, Macros from the internet is blocked by default in Office

If you ever get the Block macros from running in Office files from the web policy, this change will not affect your organization.

While some people use the scripts to automate tasks, hackers have abused the feature for years with malicious macros, causing people to download a file and run it to compromise their systems. Microsoft noted how administrators could use Group Policy settings in Office 2016 to block macros in their organization’s systems. Still, not everyone turned it on and the attacks continued, allowing hackers to steal data or spread ransomware.

Users who try to open files and are blocked will get a popup send them to this page, explaining why they probably don’t need to open that document. It starts by going through different scenarios where someone could try to trick them into running malware. If they really need to see what’s in the downloaded file, it explains ways to access it, all of which are more complicated than what happened before, where users could usually enable macros by pressing one button in the warning banner.

This change may not always stop someone from opening a malicious file, but it does provide multiple layers of warning before they can get there, while still allowing access to the people who say they absolutely need it.


More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

Sophia Hill and Taylor Watts have announced their engagement

Sophia hill and Taylor Watts of TikTok announced their engagement on social media on November 29, 2022.Sophia posted a few photos of the two...

Threats to protesters in Emmett Till rally lead to cancellation of Christmas parade in Kentucky

A Kentucky Christmas parade scheduled for Saturday has been canceled after authorities received threats against protesters at an Emmett Till rally on the same...

LastPass Hacked, OpenAI Opens Access to ChatGPT and Kanye Is Suspended From Twitter (Again) londonbusinessblog.com

Aaaaaah we're back! Now that our Thanksgiving mini-break is over, it's time for another edition of Week in Review - the newsletter where...

Fortnite’s latest live event was the strangest yet

Fortnite just wrapped up its most recent large-scale live event, and it was a strange one - even through Fortnite standards. The event,...

8 ways you can save yourself and others from being scammed

Opinions expressed by londonbusinessblog.com contributors are their own. Statistics on the number of scam websites littering the internet are disturbing. In 2020, Google registered...