• Microsoft rolls out macro blocking again

    Microsoft announced they are once again beginning the rollout to block macros in Office files downloaded from the Internet.

    Personally, I would make sure that you aren’t using any Office macros in files from which you haven’t removed the “mark of the web”. Remember to right-click a file, go into Properties, and see if there is an “Unblock” button. When in doubt, you can upload a suspicious file to www.virustotal.com just to be sure it’s not a malicious file.

    Updated July 20, 2022: We’re resuming the rollout of this change in Current Channel. Based on our review of customer feedback, we’ve made updates to both our end user and our admin documentation to make clearer what options you have for different scenarios. For example, what to do if your users have files on SharePoint or files on a network share. Please refer to the following documentation:

    If you ever enabled or disabled the Block macros from running in Office files from the Internet policy, your organization will not be affected by this change.

    Thank you.

    VBA macros are a common way for malicious actors to gain access to deploy malware and ransomware. To help improve security, we are changing the behavior of Office applications to now block macros in files from the internet. Learn more in this blog post.

    This change only affects Office on devices running Windows and only affects the following applications: Access, Excel, PowerPoint, Visio, and Word.

    Key points:

    • Microsoft 365 Roadmap ID 88883
    • Timing: We will communicate a new timeline via Message center.
    • Action: Review and assess impact

    How this will affect your organization:

    Previously, it was possible for end users to enable these macros by simply clicking a button on the Trust bar.

    Now, with this change, once a user opens an attachment or downloads from the internet an untrusted Office file containing macros, a message bar displays a Security Risk that the file contains VBA macros obtained from the internet with a Learn More button.

    [Image: VBA Macros Blocked Trust Bar]

    The Learn More button goes to an article for end users and information workers that contains information about the security risk of bad actors using macros, safe practices to prevent phishing and malware, and instructions on how to enable these macros (if absolutely needed).

    What you need to do to prepare:

    Enterprises should evaluate their use of macros in files obtained from the internet to determine how this new default behavior will affect their users.

    To learn more about how to get ready for this change and recommendations for managing VBA macros in Office files, read this article for Office admins.
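
    To assess impact as described above, an administrator can inventory which Office files in a folder still carry the mark of the web. The script below is an added example, not part of the original post or Microsoft's documentation; the default `$Root` path and the extension list are assumptions chosen for illustration.

```powershell
# Inventory Office files that still carry the Mark of the Web.
# Assumptions (not from the post): $Root default and the extension list below.
# Requires Windows with NTFS; the mark lives in an alternate data stream.
param(
    [string]$Root = "$env:USERPROFILE\Downloads"
)

# Common legacy and macro-enabled extensions for Access, Excel, PowerPoint,
# Visio and Word (constructed list; extend it to match your environment).
$extensions = '.doc', '.docm', '.dot', '.dotm',
              '.xls', '.xlsm', '.xlsb', '.xlt', '.xltm', '.xlam',
              '.ppt', '.pptm', '.pot', '.potm', '.ppam', '.ppsm',
              '.accdb', '.mdb', '.vsdm', '.vstm'

Get-ChildItem -LiteralPath $Root -File -Recurse -ErrorAction SilentlyContinue |
    Where-Object { $extensions -contains $_.Extension.ToLowerInvariant() } |
    ForEach-Object {
        $file = $_

        # Read the Zone.Identifier stream; files without it have no mark.
        $ads = Get-Content -LiteralPath $file.FullName -Stream Zone.Identifier `
                           -ErrorAction SilentlyContinue
        if (-not $ads) { return }   # acts like 'continue' inside ForEach-Object

        $zoneId  = $null
        $hostUrl = $null
        foreach ($line in $ads) {
            if     ($line -match '^ZoneId=(\d+)') { $zoneId  = [int]$Matches[1] }
            elseif ($line -match '^HostUrl=(.+)$') { $hostUrl = $Matches[1] }
        }

        [pscustomobject]@{
            Path         = $file.FullName
            ZoneId       = $zoneId                 # 3 = Internet zone
            FromInternet = ($zoneId -eq 3)
            HostUrl      = $hostUrl                # present only if the downloader recorded it
            LastWrite    = $file.LastWriteTime
        }
    } |
    Sort-Object -Property FromInternet, Path -Descending |
    Format-Table -AutoSize -Wrap
```

    Files listed with `FromInternet` set to True are the ones whose macros the new default blocks. `Unblock-File` removes the mark from a file you have verified, which has the same effect as the “Unblock” button in Properties.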