14 DAY TRIAL // Microsoft has just announced a change that could be received with mixed reactions by the Office userbase out there: the productivity suite will no longer enable macros downloaded from the Internet by default.
On one hand, this is a welcome improvement from a security perspective, but on the other hand, running macros by default won’t be as convenient as before.
Microsoft emphasizes the security implications of keeping this feature enabled in Microsoft Office, with the company explaining that users will be presented with a warning showing at the top of the screen whenever a macro is blocked.
“For macros in files obtained from the internet, users will no longer be able to enable content with a click of a button. A message bar will appear for users notifying them with a button to learn more. The default is more secure and is expected to keep more users safe including home users and information workers in managed organizations,” the company explains.
Change coming into effect in April
The new change will come into effect for the Current Channel (Preview) in early April, Microsoft says, and it will only concern Word, Excel, PowerPoint, Access, and Visio on Windows. Later this year, Microsoft also plans to enable the change for all the other channels.
“Once a user opens an attachment or downloads from the internet an untrusted Office file containing macros, a message bar displays a Security Risk that the file contains Visual Basic for Applications (VBA) macros obtained from the internet with a Learn More button. The Learn More button goes to an article for end users and information workers that contains information about the security risk of bad actors using macros, safe practices to prevent phishing & malware, and instructions on how to enable these macros by saving the file and removing the Mark of the Web (MOTW),” Microsoft notes.