Search the Petri IT Knowledgebase
search icon

close

Windows

Cloud

Microsoft 365

PowerShell

Active Directory

Security

Windows Server

Video

Chance to win $250 in Petri 2023 Audience Survey

Take the survey now!
Icon for Is your IT budget getting cut?

Is your IT budget getting cut?

Creating a Recession-Proof Digital Workplace

Icon for On-Demand Webinar

On-Demand Webinar

MVP Panel Talk: Do You Need to Backup Microsoft 36...

Icon for Don't miss this eBook about M365 Backup!

Don't miss this eBook about M365 Backup!

#1 Microsoft 365 Backup Guide by Veeam

Icon for New E-Book

New E-Book

Tracking Tasks in Microsoft 365

Home

365 Apps

Microsoft 365 Changelog

M365 Changelog: Antimalware Scan Interface (AMSI) to include runtime inspection of Excel 4.0 macros (XLM)

Petri Staff

 |

Dec 24, 2020

MC231204 – Antimalware Scan Interface (AMSI) integration with Office is expanding to include runtime inspection of Excel 4.0 (XLM) macros, an addition to existing support for Visual Basic for Applications (VBA). The existing default behavior for runtime inspection of VBA macros will also apply to XLM macros, providing an additional layer of security for users with Excel for Desktop on Windows.

Key points

  • Timing: Monthly Enterprise Channel, February 2021
  • Roll-out:  tenant level
  • Control type: admin control 
  • Action: review and assess by January 31, 2021

How this will affect your organization

AMSI is an open interface available on Windows 10 for applications to request, at runtime, a synchronous scan of a memory buffer by an installed antivirus or security solution.

When AMSI detects malicious activity, Excel first notifies the user and then terminates the application session. This intervention can stop an attack in its tracks.

In its default configuration, AMSI scans macros at runtime except in these scenarios:

When this feature is enabled, affected macro runtime performance may be affected.

What you need to do to prepare

AMSI integration is on by default in the Monthly Enterprise Channel for Excel and other Office 365 client applications.

The group policy setting Macro Runtime Scan Scope specifies which documents the VBA and XLM Runtime Scan will inspect.

  • Configure the Macro Runtime Scan Scope policy by January 31, 2021 if you wish to deviate from the default settings.
  • If you choose to change the settings or disable, that policy setting will affect both VBA and XLM macros.

Learn more

More from Petri Staff

M365 Changelog: (Updated) Export feature in Teams Admin Center

M365 Changelog: (Updated) Rich text and images in Planner task notes

M365 Changelog: (Updated) Public Preview - Enabling customization capabilities for SSPR, footer hyperlinks and favicon in Company Branding

Petri Newsletters

Whether it’s Security or Cloud Computing, we have the know-how for you. Sign up for our newsletters here.

More in Microsoft 365 Changelog

M365 Changelog: (Updated) Microsoft Teams: Video Filters in Teams Meetings

Feb 2, 2023 | Rabia Noureen

M365 Changelog: Microsoft Teams support for Targeted Release

Feb 2, 2023 | Rabia Noureen

M365 Changelog: Information barriers v2 is now generally available for all new customers to IB

Feb 2, 2023 | Rabia Noureen

M365 Changelog: “Projects” in Viva Goals is changing to “Initiatives”

Feb 2, 2023 | Rabia Noureen

M365 Changelog: Delete or rename files in a channel and in your OneDrive folder in Teams

Feb 2, 2023 | Rabia Noureen

M365 Changelog: (Updated) Microsoft Teams - Busy-on-busy End User Setting

Feb 2, 2023 | Rabia Noureen

Most popular on petri

Article saved!

Access saved content from your profile page. View Saved

Reach out

Learn More

Sitemap

Join The Conversation

Create a free account today to participate in forum conversations, comment on posts and more.

Copyright ©2019 BWW Media Group

Terms and Conditions of Use

 |

Privacy Policy