Search the Petri IT Knowledgebase
search icon

close

Don't miss out on our next GET-IT conference about Virtual Desktop Infrastructure!

Register Now!
Icon for On-demand Conference

On-demand Conference

Virtual Desktop Infrastructure 1-Day Virtual Conference

Icon for New E-Book

New E-Book

Microsoft Teams Backup

Icon for Latest Whitepaper

Latest Whitepaper

7 Critical Reasons for Microsoft 365 Backup

Icon for New E-Book

New E-Book

4 Strategies for Cloud Storage Optimization

Home

365 Apps

Microsoft 365 Changelog

M365 Changelog: Antimalware Scan Interface (AMSI) to include runtime inspection of Excel 4.0 macros (XLM)

Petri Staff

 |

Dec 24, 2020

MC231204 – Antimalware Scan Interface (AMSI) integration with Office is expanding to include runtime inspection of Excel 4.0 (XLM) macros, an addition to existing support for Visual Basic for Applications (VBA). The existing default behavior for runtime inspection of VBA macros will also apply to XLM macros, providing an additional layer of security for users with Excel for Desktop on Windows.

Key points

  • Timing: Monthly Enterprise Channel, February 2021
  • Roll-out:  tenant level
  • Control type: admin control 
  • Action: review and assess by January 31, 2021

How this will affect your organization

AMSI is an open interface available on Windows 10 for applications to request, at runtime, a synchronous scan of a memory buffer by an installed antivirus or security solution.

When AMSI detects malicious activity, Excel first notifies the user and then terminates the application session. This intervention can stop an attack in its tracks.

In its default configuration, AMSI scans macros at runtime except in these scenarios:

When this feature is enabled, affected macro runtime performance may be affected.

What you need to do to prepare

AMSI integration is on by default in the Monthly Enterprise Channel for Excel and other Office 365 client applications.

The group policy setting Macro Runtime Scan Scope specifies which documents the VBA and XLM Runtime Scan will inspect.

  • Configure the Macro Runtime Scan Scope policy by January 31, 2021 if you wish to deviate from the default settings.
  • If you choose to change the settings or disable, that policy setting will affect both VBA and XLM macros.

Learn more

More from Petri Staff

M365 Changelog: (Updated) Public Preview - Enabling customization capabilities for SSPR, footer hyperlinks and favicon in Company Branding

M365 Changelog: (Updated) Rich text and images in Planner task notes

M365 Changelog: (Updated) Export feature in Teams Admin Center

Petri Newsletters

Whether it’s Security or Cloud Computing, we have the know-how for you. Sign up for our newsletters here.

More in Microsoft 365 Changelog

M365 Changelog: (Updated) My Activity retirement in Teams mobile Activity

Sep 27, 2022 | Rabia Noureen

M365 Changelog: Updates available for Microsoft 365 Apps for Current Channel

Sep 27, 2022 | Rabia Noureen

M365 Changelog: (Updated) Public Preview - Enabling customization capabilities for SSPR, footer hyperlinks and favicon in Company Branding

Sep 26, 2022 | Petri Staff

M365 Changelog: Microsoft Stream - Upload and Manage Files in the Stream Web App

Sep 26, 2022 | Rabia Noureen

M365 Changelog: (Updated) Microsoft Teams: Start a Teams Chat with Distribution Groups, Mail-Enabled Security Groups, and O365 Groups

Sep 26, 2022 | Rabia Noureen

M365 Changelog: Microsoft Teams Detailed Call History Feature Update

Sep 23, 2022 | Rabia Noureen

Most popular on petri

Article saved!

Access saved content from your profile page. View Saved

Reach out

Learn More

Sitemap

Join The Conversation

Create a free account today to participate in forum conversations, comment on posts and more.

Copyright ©2019 BWW Media Group

Terms and Conditions of Use