This post was originally published on 8 July 2022
Update 12 July 2022
Microsoft says that this rollback of “stopping macros from the web being blocked, out of the box” is only temporary and it points out that admins can still implement this restriction through Group policies:
Macros from the internet are blocked by default in Office – Deploy Office | Microsoft Docs
Original Post
I have written and spoken many times about the risk Microsoft Office macros pose to any organisation’s cyber security plan. So the announcement earlier this year that macro functionality would be “block out of the box”, was a good thing. (We still included macro training in our cyber security training because even “off” can be circumvented by a user who’s trust has been exploited by a threat actor.)
Microsoft to block downloaded Office macros – at last – Smart Thinking Solutions
However it now appears that Microsoft, “because of demand”, is rolling this back.
Microsoft rolls back decision to block Office macros by default (bleepingcomputer.com)
Was it the threat actors getting together, pretending to be frustrated Microsoft users, who demanded this very positive step in everyone’s cyber security was rolled back? Microsoft it’s called social engineering!
Why are macros so dangerous – here is a post from 1999, in The Register. Yes 1999, that is how long macros have been a cyber security risk.
Melissa virus threatens to bring email to a halt • The Register
Clive Catton MSc (Cyber Security) – by-line and other articles