Security News

Microsoft says last week's decision to roll back VBA macro auto-blocking in downloaded Office documents is only a temporary change. Redmond announced in February that Microsoft Office would automatically block VBA macros in all documents downloaded from the Internet after a rollout stage between April and June.

This article will explain why users should block macros in Internet downloads and how you can block them in Microsoft Office. To prevent this distribution method, Microsoft announced in February that Microsoft Office would automatically block VBA macros in documents downloaded from the Internet starting in June.

Five months after announcing plans to disable Visual Basic for Applications macros by default in the Office productivity suite, Microsoft appears to have rolled back its plans. "Based on feedback received, a rollback has started," Microsoft employee Angela Robertson said in a July 6 comment.

Microsoft has fixed a known issue causing Office applications like Word and Excel to crash when working with cloud documents. The complete list of affected Office apps includes Excel for Microsoft 365, Word for Microsoft 365, and PowerPoint for Microsoft 365.

Microsoft appears set to roll back its decision to adopt a default stance of preventing macros sourced from the internet from running in Office unless given explicit permission. Things got worse over the years, so in 2016 Microsoft upped the ante with a tool that allowed admins to define when and where macros were allowed to run.

While Microsoft announced earlier this year that it would block VBA macros on downloaded documents by default, Redmond said on Thursday that it will roll back this change based on "Feedback" until further notice. On systems where VBA macros aut0blocking is enabled, customers see a "SECURITY RISK: Microsoft has blocked macros from running because the source of this file is untrusted" security alert.

A never-before-seen remote access trojan dubbed ZuoRAT has been singling out small office/home office routers as part of a sophisticated campaign targeting North American and European networks. The malware "Grants the actor the ability to pivot into the local network and gain access to additional systems on the LAN by hijacking network communications to maintain an undetected foothold," researchers from Lumen Black Lotus Labs said in a report shared with The Hacker News.

Black Lotus Labs discovered a new remote access trojan called ZuoRAT, which targets remote workers via their small office/home office devices, including models from ASUS, Cisco, DrayTek and NETGEAR. Overview of campaign elements. The campaign included ZuoRAT - a multi-stage RAT developed for SOHO routers leveraging known vulnerabilities - which allowed the threat actor to enumerate the adjacent home network, collect data in transit, and hijack home users' DNS/HTTP internet traffic.

Acronis is more than just a company that sells backup tools. Acronis Cyber Protect Home Office doesn't stop at protection and backup.

Researchers are warning attackers can abuse Microsoft Office 365 functionality to target files stored on SharePoint and OneDrive in ransomware attacks."Proofpoint has discovered a potentially dangerous piece of functionality in Office 365 or Microsoft 365 that allows ransomware to encrypt files stored on SharePoint and OneDrive in a way that makes them unrecoverable without dedicated backups or a decryption key from the attacker," according to researchers.