Security News > 2022 > July > Microsoft Resumes Blocking Office VBA Macros by Default After 'Temporary Pause'
Microsoft has officially resumed blocking Visual Basic for Applications macros by default across Office apps, weeks after temporarily announcing plans to roll back the change.
Earlier this February, Microsoft publicized its plans to disable macros by default in Office applications such as Access, Excel, PowerPoint, Visio, and Word as a way to prevent threat actors from abusing the feature to deliver malware.
It's a known fact that a majority of the damaging cyberattacks today leverage email-based phishing lures to spread bogus documents containing malicious macros as a primary vector for initial access.
By disabling the option by default for any Office file downloaded from the internet or received as an email attachment, the idea is to eliminate an entire class of attack vectors and disrupt the activities of malware such as Emotet, IcedID, Qakbot, and Bumblebee.
In the interim, the tech giant's decision to block macros has led adversaries to adapt their campaigns to resort to alternative distribution methods such as.
That said, using malicious macros as an entry point to trigger the infection chain is not limited to Microsoft Office alone.
News URL
https://thehackernews.com/2022/07/microsoft-resumes-blocking-office-vba.html
Related news
- Microsoft: New Windows scheduled task will launch Office apps faster (source)
- Fake Microsoft Office add-in tools push malware via SourceForge (source)
- Microsoft releases emergency update to fix Office 2016 crashes (source)
- Microsoft blocks ActiveX by default in Microsoft 365, Office 2024 (source)
- Microsoft: Office 2016 and Office 2019 reach end of support in October (source)
- Microsoft will update Office apps on Windows 10 until 2028 (source)