Microsoft has said its reported unblocking of VBA macros in Office documents is only a temporary measure and that they will soon be blocked again by default.
Security experts were quick to criticise Microsoft after the news broke last week that it would be reversing the change it announced in February, one that was greeted overwhelmingly positively at the time.
In a Friday update to the company's original announcement blog post, Microsoft said that the rollback of the default VBA macro block was a temporary measure taken while it makes changes to improve usability.
“This is a short-term change, and we are entirely dedicated to making the default change for all customers,” it added.
Microsoft has not detailed the timeline for when it expects to re-enable the default block on VBA macros, but plans to provide more details “in the coming weeks”.
Why did Microsoft backtrack?
Angela Robertson, principal group product manager at Microsoft Office 365's identity and security team, replied to a user on a Microsoft support forum last week explaining that the company's heralded new stance on VBA macros was to be reversed.
The company said in February that it would block them by default for five Office applications – news that was greeted warmly by the community, albeit a move many considered to be long overdue.
Robertson explained that the decision was made following user feedback and that a more comprehensive explanation would be reaching the community soon.
It is still unclear what feedback prompted the decision, but Office macros are typically used to automate highly manual tasks in files such as spreadsheets, and various business departments use them to streamline their workflows.
The problem with VBA macros is that the feature is commonly abused in phishing attacks. A typical scenario would see a cyber criminal send a specially crafted document, such as an Excel file, to an unwitting target, encouraging them to download and open it.
The victim would be greeted by a familiar user interface but, in order to interact with the document, they would have to click a button in the ribbon to ‘enable content’. In a typical attack scenario, this would then trigger the download and installation of malware or ransomware.
Microsoft's decision to disable VBA macros by default came into effect in April and experts said the change “had already begun to affect threat actor behaviours to use other things”.