Microsoft reverses Office macro blocking, which raises security concerns

Daniel Sims

Posts: 754   +29
What just happened? Microsoft recently changed Office's default behavior to block a popular malware attack vector. The company has now reversed that decision, drawing the ire of security researchers and users. Microsoft intends to explain the rollback in-depth soon.

This week, a Microsoft spokesperson admitted that the company rolled back its decision to block downloaded macros in Office files. Some think the reversal will make office users more vulnerable to cyberattacks.

Hackers have often used macros — automated processes within Office files — as malware payloads. In February, Microsoft announced it would update most versions of Office on Windows so that, by default, they wouldn't run macros in downloaded files, warning users of their security risks.

So far, Microsoft has only said its reversal is in response to feedback and is preparing an update explaining the decision. However, some are disappointed that Microsoft backtracked before informing users.

Many users may have complained to Microsoft because they didn't understand why their macros stopped working. One commentator on Microsoft's website blamed the company for caving to uninformed users. Shane Huntley of Google's Threat Analysis Group called the rollback a "sad decision," saying informative blog posts wouldn't be as effective as blocking macros by default.

To manually change macro settings, head to Options > Trust Center > Trust Center Settings. You should find multiple options to enable or disable macros with or without notifications or to enable macros only when they are digitally signed.

Microsoft Office Professional 2021 is currently on sale for $39. This lifetime license for one computer doesn't require a subscription.

Permalink to story.



Posts: 3,956   +6,983
I got a real easy answer for you here:

Macros are the sole reason anyone bothers to use office anymore. The only *legitimate* need one has for the office suite is the use of macros, which are often proprietary for office use. If MS starting blocking this feature by default, it would perhaps drive their customers to new solutions, either in app or externally, to do the work for them, at which point many would realize there is 0 reason to pay MS a dime going forward.

Macros are to office what win32 compatibility is to windows OS.


Posts: 4,564   +6,867
I sense that, as before, it will end up with icons redesign, to call it a new product.

They already did it. They've stripped it down to two-color icons, slightly rounded some corners, dark mode by default and probably added more spyware. In other words, Microsoft Office: Windows 11 edition.

Uncle Al

Posts: 9,363   +8,581
MicroSludge does it again!!! Just another great reminder of why I went to LibreOffice years ago ..... they have yet to disappoint ....
Last edited: