Skip to Content

MC393185: Reminder: Microsoft Office default change – Blocking VBA macros in files from the internet

VBA macros are a common way for malicious actors to gain access to deploy malware and ransomware. As a reminder (MC322553 Feb ’22), to help improve security, we are changing the behavior of Office applications to now block macros in files from the internet. Learn more in this blog post.

This change only affects Office on devices running Windows and only affects the following applications: Access, Excel, PowerPoint, Visio, and Word. This message is associated with Microsoft 365 Roadmap ID 88883.

To help improve security, we are changing the behavior of Office applications to block macros in files from the internet.

MC393185: Reminder: Microsoft Office default change – Blocking VBA macros in files from the internet

Key points

  • Timing: The change has been available in Version 2203, Current Channel (Preview) and it will complete the rolling out for the entire Current Channel soon. Later, the change will be available in the other update channels, such as Monthly Enterprise Channel, and Semi-Annual Enterprise Channel.
  • At a future date to be determined, we also plan to make this change to Office LTSC, Office 2021, Office 2019, Office 2016, and Office 2013.
  • Action: Review and assess impact

How this will affect your organization

Previously, it was possible for end users to enable these macros by simply clicking a button on the Trust bar.

Now, with this change, once a user opens an attachment or downloads from the internet an untrusted Office file containing macros, a message bar displays a Security Risk that the file contains VBA macros obtained from the internet with a Learn More button.

Once a user opens an attachment or downloads from the internet an untrusted Office file containing macros, a message bar displays a Security Risk that the file contains VBA macros obtained from the internet with a Learn More button.

The Learn More button goes to an article for end users and information workers that contains information about the security risk of bad actors using macros, safe practices to prevent phishing and malware, and instructions on how to enable these macros (if absolutely needed).

What you need to do to prepare

Enterprises should evaluate their use of macros in files obtained from the internet to determine how this new default behavior will affect their users.

Learn more

Message ID: MC393185
Published: 16 June 2022
Updated: 16 June 2022

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker