Usually, the malicious code is part of a document that originates from the internet (email attachment, link, internet download, etc.). "A wide range of threat actors continue to target our customers by sending documents and luring them into enabling malicious macro code. Bad actors send macros in Office files to end users who unknowingly enable them, malicious payloads are delivered, and the impact can be severe including malware, compromised identity, data loss, and remote access. While we provided a notification bar to warn users about these macros, users could still decide to enable the macros by clicking a button.
Microsoft Digital Defense Report, Oct 2021įor years Microsoft Office has shipped powerful automation capabilities called active content, the most common kind are macros. Ransomware attacks are increasingly successful, crippling governments and businesses, and the profits from these attacks are soaring.” “Cybercriminals are targeting and attacking all sectors of critical infrastructure, including healthcare and public health, information technology (IT), financial services, and energy sectors. Unfortunately, these changes also give bad actors opportunities to exploit organizations: It’s a challenging time in software security migration to the modern cloud, the largest number of remote workers ever, and a global pandemic impacting staffing and supply chains all contribute to changes in organizations. We will provide additional details on timeline in the upcoming weeks. Regardless of the default setting, customers can block internet macros through the Group Policy settings described in this article. This is a temporary change, and we are fully committed to making the default change for all users. If you ever enabled or disabled the Block macros from running in Office files from the Internet policy, your organization will not be affected by this change.įollowing user feedback, we have rolled back this change temporarily while we make some additional changes to enhance usability. For IT admins, Macros from the internet will be blocked by default in Office.For end users, A potentially dangerous macro has been blocked.Please refer to the following documentation:
For example, what to do if you have files on SharePoint or files on a network share. Based on our review of customer feedback, we’ve made updates to both our end user and our IT admin documentation to make clearer what options you have for different scenarios. We’re resuming the rollout of this change in Current Channel.
0 kommentar(er)
