Microsoft plans to kill malware delivery via Office macros
If you use Word and always feel concerned when you “enable macros” because of the risk of malware, here’s some good news. Sergiu Gatlan reports:
Microsoft announced today that it will make it difficult to enable VBA macros downloaded from the Internet in several Microsoft Office apps starting in early April, effectively killing a popular distribution method for malware.
Using VBA macros embedded in malicious Office documents is a very popular method to push a wide range of malware families in phishing attacks, including Emotet, TrickBot, Qbot, and Dridex.
“This change only affects Office on devices running Windows and only affects the following applications: Access, Excel, PowerPoint, Visio, and Word,” the Microsoft Office Product Group said today.
Read more at BleepingComputer.