Expert Reaction On Microsoft Disables Office Doc Macros

By   ISBuzz Team
Writer , Information Security Buzz | Feb 09, 2022 07:29 am PST

Following the news that Microsoft took the decision to disable macros in Office docs by default after years of calls from the industry to do so, please find comment below.

Notify of
3 Expert Comments
Oldest Most Voted
Inline Feedbacks
View all comments
John Rogers
John Rogers , Senior Incident Response Consultant
February 9, 2022 3:29 pm

This is a long-awaited change by the cyber security industry which is expected to greatly reduce the chances of harmful malware being delivered via phishing emails. However, it won’t completely remove the threat. This change should not impact the small number of users who are required to run macros as a legitimate business function as it will only change the default behaviour, which admins can change on a case-by-case basis. It’s great to see a secure by design approach which would protect the majority of users as opposed to leaving security up to the untrained user.

Last edited 2 years ago by John Rogers
Callum Roxan
Callum Roxan , Head of Threat Intelligence
February 9, 2022 3:23 pm

Any move towards security as a default, and not an option, is a real positive change. Complexity is a serious barrier to security and this change will help many organizations protect themselves. Threat actors will adapt, but macros have been a prevalent threat for a long time and this change will raise the cost and complexity for attackers.

Last edited 2 years ago by Callum Roxan
Joseph Carson
Joseph Carson , Chief Security Scientist & Advisory CISO
February 9, 2022 3:07 pm

The implications of turning Macros off by default is a huge win for security as it significantly reduces the potential victim scope of macro-based attacks for cybercriminals.  In the past, we relied heavily on users to make security decisions on macros with a warning – this can potentially reduce the risks from curious employees who may just accept the warning and run the macro that could result in stolen credentials or a fully compromised machine. The issue lies in how quickly organizations can upgrade to this version as office upgrades can typically take a long time, though at least those who have moved to cloud solutions should benefit sooner.  

For those industries that heavily rely on macros such as financial or accounting industries, the hope is that Microsoft will at last make it simple enough for individuals to turn it on for on demand purposes on approved documents and scanned documents.

Last edited 2 years ago by Joseph Carson

Recent Posts

Would love your thoughts, please comment.x