Security News > 2022 > July > Microsoft rolls back default macro blocks in Office without telling anyone

Microsoft rolls back default macro blocks in Office without telling anyone
2022-07-08 03:02

Microsoft appears set to roll back its decision to adopt a default stance of preventing macros sourced from the internet from running in Office unless given explicit permission.

Things got worse over the years, so in 2016 Microsoft upped the ante with a tool that allowed admins to define when and where macros were allowed to run.

So in February this year Microsoft decided to block macros by default in Access, Excel, PowerPoint, Visio, and Word, explaining that the change made Office "More secure and is expected to keep more users safe including home users and information workers in managed organizations."

A comment from a chap named Vince Hardwick noted that the default blocking of macros appeared to have been removed in the Current Channel for Office.

Robertson did not discuss the feedback Microsoft has received that led to the change, but among the many comments on the original post announcing the block are complaints from users who took issue with the way macro blocking was implemented or lamented that it's effectively broken some useful systems they've built.

The Register has asked Microsoft to confirm the reversal of the default macro block, and to explain why it did not announce it publicly.


News URL

https://go.theregister.com/feed/www.theregister.com/2022/07/08/office_macro_block_rollback/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 480 75 2308 5127 264 7774