Security News > 2023 > March > Microsoft Excel now blocking untrusted XLL add-ins by default
Microsoft says the Excel spreadsheet software is now blocking untrusted XLL add-ins by default in Microsoft 365 tenants worldwide.
"We are introducing a default change for Excel Windows desktop apps that run XLL add-ins: XLL add-ins from untrusted locations will now be blocked by default," Microsoft said in a new Microsoft 365 message center post.
Moving forward, in tenants where the XLL blocking will get enabled by default, an alert will be displayed when users try to enable content from untrusted locations, informing them of the potential risk and allowing them to find more information about why they're seeing the warning.
Redmond started disabling Excel 4.0 macros, added XLM macro protection, and announced that VBA Office macros are now also blocked by default.
Excel XLL files are dynamic-link libraries used to expand the functionality of Microsoft Excel with additional features like custom functions, dialog boxes, and toolbars.
Before being blocked by default, XLLs would allow attackers to infect victims that enabled the untrusted add-ins and opened them even though they were warned that the "Add-ins might contain viruses or other security hazards."