When Microsoft introduced VBA macros to Excel in 1993, the feature was met with overwhelming praise from both individuals and businesses. Macros let you automate tasks within Office documents, but unfortunately, they’re also a vehicle for ransomware. To mitigate the problem, Microsoft will disable macros for all Office files that you download from the internet.
Security researchers have called on Microsoft to disable Office macros for as long as we can remember. That’s because it’s incredibly easy to email someone an Office file (.docx, .xlsx, etc) equipped with a macro that runs malicious code, such as ransomware.
Some estimates suggest that around 25% of ransomware attacks are delivered through VBA macros. In a Microsoft Digital Defense Report from late last year, the company notes that “all sectors of critical infrastructure, including healthcare and public health, information technology (IT), financial services, and energy sectors” fall victim to these attacks, despite attempts to educate the public on cybersecurity.
For macros in files obtained from the internet, users will no longer be able to enable content with a click of a button. A message bar will appear for users notifying them with a button to learn more. The default is more secure and is expected to keep more users safe including home users and information workers in managed organizations.
Unfortunately, this change will impact many legitimate uses for macros. Any automations that you set up on your system will run normally, but if a coworker emails you a spreadsheet with a macro, you’ll have to right-click the file and enable VBA macro functionality in its Properties tab.
Microsoft says that this change to macros only affects Windows users with Excel, PowerPoint, Word, Visio, and Access. The company will begin testing this change with Version 2203, beginning with Current Channel (Preview) users early this April.
Later, Microsoft will push the change to regular Office releases, including Enterprise releases. The company will also update Office LTSC, Office 2021, Office 2019, Office 2016, and Office 2013 to automatically block internet macros.