Microsoft plans to kill malware delivery via Office macros

If you use Word and always feel concerned when you “enable macros” because of the risk of malware, here’s some good news. Sergiu Gatlan reports:

Microsoft announced today that it will make it difficult to enable VBA macros downloaded from the Internet in several Microsoft Office apps starting in early April, effectively killing a popular distribution method for malware.

Using VBA macros embedded in malicious Office documents is a very popular method to push a wide range of malware families in phishing attacks, including EmotetTrickBotQbot, and Dridex.

“This change only affects Office on devices running Windows and only affects the following applications: Access, Excel, PowerPoint, Visio, and Word,” the Microsoft Office Product Group said today.

Read more at BleepingComputer.

About the author: Dissent

Comments are closed.