Security News > 2022 > July > Microsoft rolls back default macro blocks in Office without telling anyone
Microsoft appears set to roll back its decision to adopt a default stance of preventing macros sourced from the internet from running in Office unless given explicit permission.
Things got worse over the years, so in 2016 Microsoft upped the ante with a tool that allowed admins to define when and where macros were allowed to run.
So in February this year Microsoft decided to block macros by default in Access, Excel, PowerPoint, Visio, and Word, explaining that the change made Office "More secure and is expected to keep more users safe including home users and information workers in managed organizations."
A comment from a chap named Vince Hardwick noted that the default blocking of macros appeared to have been removed in the Current Channel for Office.
Robertson did not discuss the feedback Microsoft has received that led to the change, but among the many comments on the original post announcing the block are complaints from users who took issue with the way macro blocking was implemented or lamented that it's effectively broken some useful systems they've built.
The Register has asked Microsoft to confirm the reversal of the default macro block, and to explain why it did not announce it publicly.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/07/08/office_macro_block_rollback/
Related news
- Microsoft 365, Office users hit by wave of ‘30088-27’ update errors (source)
- Microsoft discloses Office zero-day, still working on a patch (source)
- Microsoft discloses unpatched Office flaw that exposes NTLM hashes (source)
- Microsoft Warns of Unpatched Office Vulnerability Leading to Data Exposure (source)