Tech Insight: How Microsoft Will Block Macros To Stop Malware

Written by Pronetic

Pronetic is a leading provider of core IT support for ISO 27001, Cyber Essentials and Cyber Essentials Plus compliance.

February 16, 2022

Microsoft recently announced that it will be blocking Visual Basic for Applications (VBA) macros by default as a way to stop the spread of malware. Since these macros are important automation tools for Microsoft Office apps, how is this going to work?

What Are Visual Basic for Applications (VBA) Macros?

Visual Basic for Applications (VBA) for Office is the programming language behind Excel and other Office apps. VBA can accomplish almost every operation that can be performed with a mouse, keyboard, or a dialog box, and one of its most common uses in Office is automating repetitive tasks. A VBA macro, therefore, is a series of instructions written in VBA and grouped into a single command so that a task can be run automatically, e.g., with a single click.

What’s The Problem?

Microsoft says that although VBA macros are tools designed to make routine entry work simpler, they have long been abused by hackers and bad actors to deliver malicious payloads such as ransomware to unsuspecting users. For example, Tom Gallagher from Microsoft’s Office Security team recently said that “A wide range of threat actors continue to target our customers by sending documents and luring them into enabling malicious macro code”. Mr Gallagher has also highlighted how malicious code is usually part of a document that originates from the internet (email attachment, link, internet download, etc.). Once enabled, the malicious code can gain access to the identity, documents, and the network of the person who enabled it.

Safest Option – Block Them By Default

Since, as described by Microsoft’s Tom Gallagher, malicious VBA macros usually arrive in documents that originate from the internet, Microsoft says that the most secure option is now simply to block them by default.

Message Displayed

With macros blocked, users will no longer be able to enable them just by clicking a button. Instead, they will see a message bar notifying them that macros are blocked, next to an option to learn more. Although it will still be possible to enable macros, this will require users to go through more layers, thereby reducing the chance of a macro from a phishing email being enabled by accident.

What And When?

Microsoft says that, for now, the functionality will be limited to the Windows version of Microsoft Office and will be enabled in Access, Excel, PowerPoint, Visio, and Word.

The new change will be rolled out in a preview (version 2203) in the Current Channel, due in early April. This will then be gradually rolled out to the Monthly Enterprise Channel and Semi-Annual Enterprise Channel.

What Does This Mean For Your Business?

This change by Microsoft, which was prompted by ongoing cloud migration and increased remote and hybrid working, is designed to increase safety and security, particularly for remote workers. In essence, it makes it much more difficult for users to be fooled into running malicious code via social engineering while keeping a path for legitimate macros to be enabled through a trusted route where appropriate. The advice to IT and security teams is to work with any parts of the business that use macros in their Office files, and with any business-critical independent software vendors that use macros within Office files.
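
As a starting point for finding which parts of the business rely on macros, the following added example (not code from Microsoft or Pronetic) lists Office Open XML files under a folder that contain a VBA project, identified by the vbaProject.bin part inside the package. The function names and sample files are constructed for illustration, and legacy binary formats such as .doc and .xls are not covered.

```python
import tempfile
import zipfile
from pathlib import Path

# Office Open XML extensions for Word, Excel and PowerPoint.
OOXML_EXTS = {".docx", ".docm", ".dotm", ".xlsx", ".xlsm", ".xltm", ".xlam",
              ".pptx", ".pptm", ".potm", ".ppsm"}

def has_vba_project(path):
    """True if the OOXML package at `path` contains a vbaProject.bin part."""
    try:
        with zipfile.ZipFile(path) as pkg:
            return any(n.lower().endswith("vbaproject.bin") for n in pkg.namelist())
    except (zipfile.BadZipFile, OSError):
        return False  # not a readable ZIP package, so not inspected here

def inventory_macro_files(root):
    """Return sorted relative paths of OOXML files under `root` that carry VBA."""
    root = Path(root)
    return sorted(p.relative_to(root).as_posix()
                  for p in root.rglob("*")
                  if p.is_file() and p.suffix.lower() in OOXML_EXTS
                  and has_vba_project(p))

def build_constructed_samples(root):
    """Write small constructed stand-in files (not real documents) for the demo."""
    root = Path(root)
    samples = {
        "finance/report.xlsm": ["xl/workbook.xml", "xl/vbaProject.bin"],
        "templates/letter.dotm": ["word/document.xml", "word/vbaProject.bin"],
        "notes/minutes.docx": ["word/document.xml"],  # no macros
    }
    for rel, parts in samples.items():
        target = root / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        with zipfile.ZipFile(target, "w") as pkg:
            for part in parts:
                pkg.writestr(part, b"constructed placeholder")
    # A file with a macro-enabled extension that is not a valid package.
    (root / "finance" / "corrupt.xlsm").write_bytes(b"not a zip")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_constructed_samples(tmp)
        for rel in inventory_macro_files(tmp):
            print("macro-enabled:", rel)
```

The resulting list can be shared with the teams and vendors that own those files so that a trusted route is agreed before the default block reaches them.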
