Microsoft Will Stop Office Macros from Default Beginning July 27

TechCrunch was informed by Microsoft that it had halted the rollout to make “some additional changes to improve usability”. Microsoft has updated its documentation, providing step-by-step instructions to IT administrators and end users. These instructions explain how Office decides whether to run or block macros, which Office versions will be affected, how VBA macros can be allowed in trusted files, and how to prepare to make the change.

Microsoft announced plans to disable macros automatically in February to prevent threat actors from using the feature to send malware as email attachments. The company stated that VBA macros were a common way for malicious agents to access malware and ransomware. “We are changing Office’s default behavior to prevent macros from files downloaded from the internet to improve security.”

The move to block macros was applauded by the cybersecurity industry.

It appeared to have been working up until Microsoft’s last-month reversal. ESET for instance observed that threat actors had already begun to move away from macro-based attacks after the change. Instead of replacing Microsoft Word documents, they used a shortcut file instead.

Microsoft’s macro-blocking technology will soon be available to Access, Excel Excel PowerPoint, Visio, Visio, Word on Windows, and Visio. This change will not affect Office for Mac, Android, or iOS devices.

Microsoft released a security update to Windows 11 earlier this week that will help users protect themselves against brute force attacks. This feature is automatically turned on in the latest Insider version of Windows 11. It will lock out a user for 10 minutes if they enter the wrong password 10 times.