Security News > 2022 > July > Microsoft Resumes Blocking Office VBA Macros by Default After 'Temporary Pause'

Microsoft Resumes Blocking Office VBA Macros by Default After 'Temporary Pause'
2022-07-22 18:27

Microsoft has officially resumed blocking Visual Basic for Applications macros by default across Office apps, weeks after temporarily announcing plans to roll back the change.

Earlier this February, Microsoft publicized its plans to disable macros by default in Office applications such as Access, Excel, PowerPoint, Visio, and Word as a way to prevent threat actors from abusing the feature to deliver malware.

It's a known fact that a majority of the damaging cyberattacks today leverage email-based phishing lures to spread bogus documents containing malicious macros as a primary vector for initial access.

By disabling the option by default for any Office file downloaded from the internet or received as an email attachment, the idea is to eliminate an entire class of attack vectors and disrupt the activities of malware such as Emotet, IcedID, Qakbot, and Bumblebee.

In the interim, the tech giant's decision to block macros has led adversaries to adapt their campaigns to resort to alternative distribution methods such as.

That said, using malicious macros as an entry point to trigger the infection chain is not limited to Microsoft Office alone.


News URL

https://thehackernews.com/2022/07/microsoft-resumes-blocking-office-vba.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 365 50 1369 2819 161 4399