
close
close
Chance to win $250 in Petri 2023 Audience Survey
MC231204 – Antimalware Scan Interface (AMSI) integration with Office is expanding to include runtime inspection of Excel 4.0 (XLM) macros, an addition to existing support for Visual Basic for Applications (VBA). The existing default behavior for runtime inspection of VBA macros will also apply to XLM macros, providing an additional layer of security for users with Excel for Desktop on Windows.
Key points
How this will affect your organization
AMSI is an open interface available on Windows 10 for applications to request, at runtime, a synchronous scan of a memory buffer by an installed antivirus or security solution.
When AMSI detects malicious activity, Excel first notifies the user and then terminates the application session. This intervention can stop an attack in its tracks.
In its default configuration, AMSI scans macros at runtime except in these scenarios:
When this feature is enabled, affected macro runtime performance may be affected.
What you need to do to prepare
AMSI integration is on by default in the Monthly Enterprise Channel for Excel and other Office 365 client applications.
The group policy setting Macro Runtime Scan Scope specifies which documents the VBA and XLM Runtime Scan will inspect.
Learn more
More in Microsoft 365 Changelog
M365 Changelog: (Updated) Microsoft Teams: Video Filters in Teams Meetings
Feb 2, 2023 | Rabia Noureen
M365 Changelog: Information barriers v2 is now generally available for all new customers to IB
Feb 2, 2023 | Rabia Noureen
M365 Changelog: Delete or rename files in a channel and in your OneDrive folder in Teams
Feb 2, 2023 | Rabia Noureen
M365 Changelog: (Updated) Microsoft Teams - Busy-on-busy End User Setting
Feb 2, 2023 | Rabia Noureen
Most popular on petri