This article will document the changes to MS’ security policy on autorun macros, gauge the impact on users and applications, and point out what the future holds for macro malware developers and distributors. For now, the policy change is limited to version 2203 Office products, but Microsoft plans on rolling it out for other Office versions such as Office 2021, Office 2016, Office 2013, and Office 2019.Įssentially, all code-packed autorun macros downloaded from the Internet or other sources will be blocked by default if the Office cannot verify source, certificate, or validate against a group policy. Effective immediately, all version 2203 Microsoft Office products (e.g., Excel, Visio, Access, PowerPoint, and Word) will benefit from this change, which will become a permanent part of the security baseline for all Microsoft 365 enterprise apps. In an attempt to curb the ever-increasing macro malware incidence rate, Microsoft has announced that all macros bearing the Mark of the Web (MOTW) attribute will be disabled by default.
0 Comments
Leave a Reply. |