Microsoft is finally getting ready to block Visual Basic for Applications (VBA) macros downloaded from the internet by default in several Office apps. The Redmond giant has already started restricting Excel 4.0 (XLM) macros, and this change will now impact all VBA macros in Word, PowerPoint, Visio, Access, and Excel files.
By default, Microsoft Office apps will prevent users from enabling enable (VBA) macros by simply clicking a button. With this change, the apps will replace the “Enable Content” option with a new “Learn More” prompt. Users will need to click the prompt to read instructions on how to enable the macros in the downloaded file manually. Microsoft says that this change should help to protect Windows users from malware distributed via phishing attacks, such as TrickBot, Emotet, Dridex, and Qbot.
“For years Microsoft Office has shipped powerful automation capabilities called active content, the most common kind are macros. While we provided a notification bar to warn users about these macros, users could still decide to enable the macros by clicking a button. Bad actors send macros in Office files to end users who unknowingly enable them, malicious payloads are delivered, and the impact can be severe including malware, compromised identity, data loss, and remote access,” the company explained.
Microsoft Office apps to block all VBA Macros by default in early April
Microsoft plans to test the new default setting in Office version 2203 with Current Channel (Preview) users in early April, and it will become generally available for all Office 365 customers in June 2022. The company will also block VBA macros by default across all supported standalone versions of Office (including Office LTSC, 2021, 2019, 2016, and 2013) in a future update.
It is important to note that this new default behavior will only be applicable to Office files downloaded from the web on Windows PCs, and it won’t affect Mac, iOS, Android, and web users. Microsoft has also provided some recommendations to help IT Admins prepare for this change, and you can find more details on this support page.