Microsoft disables macros to curtail Malware Cyber Attacks

    Microsoft has made it official that it has disabled macros across its office products to block malware cyber attacks. The tech giant announced officially that from now on the macros feature in the Visual Basic for Applications (VBA) running across Word, PowerPoint, Excel, Access and Visio will be in disabled form and will have to be activated on a manual note by the admin or the device owner.

    “This will eradicate malicious payloads from being downloaded through office files that will also help in mitigating risks such as compromised identity theft, data loss, malware propagation and remote access,” said Kellie Eickmeyer, the Principal Product Manager, Microsoft.

    However, the cyber risk doesn’t end with this step, as users can still be lured into the mush through phishing emails that allow the online user to enable the feature, allowing them to gain a foothold into the device and then the network.

    Therefore, for Microsoft Office users whose macros capabilities are disabled, a pop-up displays on their screen alerting them about a security risk banner as the file is being sourced through an untrusted resource.

    Thence, the user needs to decide and then act on whether they need to go for the download by right-clicking and then selecting the properties from the context menu and unblock the macros feature.

    Note- By disabling Macros by default, Microsoft has blocked the spread of ransomware attacks such as the one seen on the Kronos Private Cloud last year, that led to the spread of ransomware onto the servers of famous sports wear brand ‘Puma’. Information is out that thousands of employees from the renowned footwear brand were affected by the file encrypting malware attack as their personal details were stolen along with the source code of the internal Puma application.

    Naveen Goud
    Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

    No posts to display