Microsoft to make enabling 'untrusted' Office macros tougher in the name of security

Starting in early April, Microsoft plans to make it tougher to enable VBA macros that are downloaded from the internet in several of its Office apps. The effect, the company hopes, will be to eliminate a popular way for malware to perpetuate.

Microsoft plans to block by default VBA macros obtained from the internet in Office on devices running Windows. This will impact Access, Excel, PowerPoint, Visio, and Word, according to a February 7 blog post from the Office product group. The change will begin rolling out in the Current Channel (preview) of Office on Windows and will prevent users from enabling these kinds of macros with a single click.

Over time, Microsoft will move beyond the Current Channel with this change and apply it to other Office distribution channels, like the Monthly Enterprise and Semi-Annual Enterprise Channels. This change also will be applied to the Long Term Servicing Channel version of Office, including Office LTSC, Office 2021, Office 2019, Office 2016, and Office 2013.

ZDNET Recommends

The best Windows laptops

Here are ZDNET's top picks for a variety of use cases.

Read now

UK cybersecurity expert (and former Microsoftie) Kevin Beaumont tweeted that "this is potentially a game changer for the cybersecurity industry, and, more importantly customers," as macros account for about 25 percent of all ransomware entry -- a figure he called "deeply conservative." 

A message bar noting that a particular downloaded VBA is not trusted will note: "Security Risk: Microsoft has blocked macros from running because the source of this file is untrusted" next to a Learn More button. The Learn More button will take users to an article about the security risk of bad actors using macros, ways to prevent phishing and malware, and instructions for enabling these macros by saving the file and removing the Mark of the Web (MOTW). The MOTW is added to files by Windows when they're from an untrusted location (internet or Restricted Zone).

This article from Microsoft has more information for IT pros/admins about the coming change in macro behavior.

More Microsoft

The best Windows laptop models: Comparing Dell, Samsung, Lenovo, and more

Windows 11's big new update is full of AI and rolling out today - here's what's in it

How to upgrade Windows Home edition to Pro

5 Microsoft Edge settings to change for more secure browsing than Chrome offers

Here's the best way to upgrade to Windows 11 Pro, and why you should

• The best Windows laptop models: Comparing Dell, Samsung, Lenovo, and more
• Windows 11's big new update is full of AI and rolling out today - here's what's in it
• How to upgrade Windows Home edition to Pro
• 5 Microsoft Edge settings to change for more secure browsing than Chrome offers
• Here's the best way to upgrade to Windows 11 Pro, and why you should