acm-header
Sign In

Communications of the ACM

ACM News

Microsoft to (Finally) Block Macros to Stop Malware


VBA macros are powerful automation tools that can add functionality to Microsoft Office, but hacking groups often abuse them to distribute harmful payloads like ransomware to unsuspecting users.

Credit: thehackernews.com

Microsoft has announced that it will begin blocking Visual Basic for Applications (VBA) macros by default in a variety of Office apps from April 2022 - making it more difficult for threat groups to remotely install malware via compromised documents.

The change will affect Office documents that are downloaded from the internet and contain macros.

Once the new functionality comes into effect, Office users will no longer be able to enable macros with a single click of a button. While it will still be possible to turn macros on, the simple confirmation pop-up that exists today will go the way of the dodo. Instead, users will see a message bar informing them that macros are blocked, alongside an option to learn more.

"For the protection of our customers, we need to make it more difficult to enable macros in files obtained from the internet," said Kellie Eickmeyer, a principal PM at Microsoft.

From Computing (U.K.)
View Full Article

 


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account