And it’s back – Microsoft reinstates default blocking of macros from the internet in Office apps.

This story has gone back and forth. How can Microsoft wobble on what has been a well-used attack vector for threat actors for years and years?

Microsoft to block downloaded Office macros – at last – Smart Thinking Solutions

Oh No! Microsoft appears to have rolled back its macro protection… UPDATED 12 July 2022 – Smart Thinking Solutions

Now it looks like the block is back to stay:

Microsoft resumes default blocking of Office macros after updating docs (bleepingcomputer.com)

If you are an organisation that dislikes this, or requires macros to be unblocked for operational reasons, then your administrators can unblock them. Maybe it was pressure from such organisations (big organisations?) that caused Microsoft to wobble so much on this issue? It is much better to have a safe default position rather than a risky one!

However, making people aware of the risk Microsoft Office macros pose will still be a significant module in our cyber security training. There will always be Follina-type issues, although now the risk has been lowered.

Clive Catton MSc (Cyber Security) – by-line and other articles
