What just happened? Microsoft planned to block macros in downloaded Office files as a security measure for months, but continued to run into hurdles in the process. This week, the company reiterated its plans, better explaining what it’s doing and what users should do in response.
Starting next week, Microsoft Office will block macros in files downloaded from the internet by default, “reversing a reversal” Microsoft made earlier this month. The new policy will be enforced from July 27 as a safety precaution, but the company is pushing harder to explain its decision this week.
Macros are useful because they can automate certain processes in Office applications. However, macros in online files can be vectors for malware and ransomware. Microsoft started blocking them in Untrusted Files in February, but unblocked them in early June without warning.
A spokesperson said the reversal was due to feedback, leading some to speculate that Microsoft gave in to complaining users, not knowing why their macros stopped working. This week, the company released documentation announcing the return of default blocking and detailing why.
In addition to a detailed explanation of who will be affected (anyone using Word, Access, Excel, PowerPoint, and Visio on Windows), Microsoft includes instructions for preparing for the change and for enabling macros only in trusted files.
Users can already enable this security measure by enabling a policy to block macros. Users and businesses can unlock macros in a variety of ways, such as changing a file’s properties, designating network locations as trusted, using PowerShell, or removing “web branding” from a file. Microsoft explains how to do this for files from the Internet, OneDrive files, SharePoint files, and files on local networks.