Softpedia >News >Security
Softpedia Homepage   

Microsoft Backports Office 2016 Anti-Macro-Malware Feature to Office 2013

Users asked Microsoft for this feature in Office 2013

Oct 27, 2016 01:50 GMT  ·  By
A user asked to exit Protected View
3 photos
   A user asked to exit Protected View

Back in March, Microsoft took a step in the right direction when it added a new feature in Office 2016 that allowed network administrators to use a local Group Policy for their organization and block macro scripts that downloaded content off the Internet, rendering macro-based malware ineffective.

Yesterday, in a statement from the Microsoft Malware Protection Center, the company announced that it ported the feature to Office 2013, following numerous customer requests.

"We are pleased to announce that, as of September 2016, this feature is now part of Office 2013 – and it works in the same way as it does in Office 2016," the company wrote.

The feature is not fullproof

A common misconception surrounding this feature is that it blocks all macros. This is wrong. The feature only blocks downloads initiated by macro scripts from locations outside the company's network, such as the Internet.

Macros that help productivity, or execute malicious operations without downloading content off the Internet, will continue to work.

Nevertheless, it is a good idea not to allow macro scripts to execute from files you've received via spam messages, and even from friends, if you haven't requested the files beforehand.

How to block macros in files retrieved from the Internet in Office 2013 and 2016

If you're a system administrator and you're running Office 2013 or Office 2016 in your network, here's how to automatically block macros in files downloaded off the Internet.

Step 1: Download the Office 2016 Administrative Template files (ADMX/ADML) and Office Customization Tool from Microsoft's website, and/or the version for Office 2013.

Step 2: Open the Group Policy Management Console. Click Start, click Control Panel, click Administrative Tools, and then click Group Policy Management.

Step 3: Locate and right-click the Group Policy Object that you want to configure and click Edit.

Step 4: Select the Group Policy Management Editor, go to User Configuration. (see image below)

Step 5: Select Administrative templates > Microsoft Word 2016 > Word options > Security > Trust Center. (see image below)

Step 6: Open the Block macros from running in Office files from the Internet option, configure it, and then enable it. (see image below)

"Block macros from running in Office files from the Internet" option
"Block macros from running in Office files from the Internet" option

Photo Gallery (3 Images)

A user asked to exit Protected View
Warning shown to users that try to enable macros that retrieve content off the Internet"Block macros from running in Office files from the Internet" option
Open gallery