Security News > 2021 > August > Excel is still a security headache after 30 years because of this one feature
Threat researcher explains why it's tricky to tell the difference between legitimate Excel Macros and ones that deliver malware.
The problem is that bad actors have started using Excel sheets and macros as a new way to deliver malware.
Leibovich presented "Identifying Excel 4.0 Macro strains using Anomaly Detection" with Elad Ciuraru last week.
Microsoft released a new runtime defense against Excel 4.0 macro malware in March.
Leibovich said that he has seen a substantial increase over the last two years of hackers using Excel 4.0 Macros in attacks.
The basic math is that Microsoft is dominant in this space, and uses Visual Basic for Applications is highly and easily targeted and many organizations still do not always properly address the macro issue, according to Aaron , director of digital forensics and incident response at NTT Ltd. The nuclear option for protecting against this kind of malware is to block any and all inbound macro-enabled and macro-embedded files from email or file transfer pathways, Card said.