Home Feature news Microsoft to block Office VBA macros by default

Microsoft to block Office VBA macros by default

Microsoft is finally planning to block Visual Basic for Applications (VBA) macros by default in a variety of Office apps. The change will apply to Office files that are downloaded from the internet and include macros, so Office users will no longer be able to enable certain content with a simple click of a button.

“The default is more secure and is expected to keep more users safe including home users and information workers in managed organizations,” explains Kellie Eickmeyer, a principal PM at Microsoft.

Hackers have been targeting Office documents with malicious macros for years, and while Office has long prompted users to click to enable macros running, this simple button could lead to “severe including malware, compromised identity, data loss, and remote access.” Instead of a button, a security risk banner will appear with a link to a Microsoft support article, but no easy way to enable macros.

Microsoft is planning to preview the change with its Current Channel (Preview) users in early April, before rolling out to its regular Microsoft 365 customers. The change to block VBA macros from the web will affect Access, Excel, PowerPoint, Visio, and Word on Windows. Microsoft also plans to update Office LTSC, Office 2021, Office 2019, Office 2016, and even Office 2013 to block internet VBA macros.

This is a big change that could impact a lot of genuine use cases for VBA macros, and it means that Office users will only be able to enable the macros by specifically ticking an unblock option on the properties of a file. That’s a lot more steps than usual, and ones that Microsoft is hoping will help prevent security issues in the future.

“Macros account for about 25 percent of all ransomware entry,” explains security researcher and former Microsoft employee Kevin Beaumont. “Keep derisking macros and macro functions. It’s really important. Thank you all the people behind the scenes doing this.” Marcus Hutchins, a security researcher best known for halting the global WannaCry malware attack, also celebrated Microsoft’s changes but noted the company has “decided to do the bare minimum” after years of malware infections.

Most Popular

Make The Dream Work: 4 Reasons To Enhance Teamwork In The Workplace

Leveraging Teamwork To Grow Your Business When eLearning Industry was named one of the best workplaces in Greece for the year 2022, a large effort...

Why I Love My eLearning Job

If You Love What You Do You Never Have To Work I hereby confirm that this post was not written under any duress. In fact,...

How To Get Employees Engaged In Training And Why It’s Important

Learn How To Create Engaging Employee Training Employee disengagement costs companies millions of dollars every year. Today’s employees have high expectations from their workplace. They...

New Campaign in California Seeks to Re-Enroll Working Adults

A coalition of higher ed organizations is launching a campaign, called California Reconnect, to re-enroll adult learners who stopped out of college in the...