Computer

You no longer have to worry about hidden malware in Word or Excel

Due to all this it seems that the Redmond firm is finally beginning to take serious measures to end all this. As you can imagine, this could mean the beginning of the definitive elimination of hidden malware in these office programs. And it is that Microsoft has just announced that it is working to make it difficult to start VBA macros downloaded from the Internet. All of this will be effective in several of the Office applications from the beginning of next April. In this way, they want to put an end to the popular malware distribution method that has been with us for so long.

Say that the use of VBA macros embedded in malicious office documents is a very popular attack method. This drives a wide range of malware families in phishing-type attacks. At the same time it is interesting to know that Microsoft’s security project only affects Office on Windows computers. It will also be effective for applications AccessExcel, PowerPoint, Word and vision.

As we mentioned before, these security changes will start rolling out in version 2203 of the suite. Therefore, it will start arriving on the preview channel in early April this year. Of course, we must take into account that after its implementation we will no longer be able to enable macros with a mouse click after they are automatically locked.

Malware in Office macros comes to an end

As you can imagine, this automatically eliminates attacks that distribute malware on home and business networks through malicious office documents. This includes many Trojans that steal user information, as well as various types of ransomware.

Now, until the new macro auto-block defaults take effect, when Office opens a document it checks to see if it’s tagged. Specifically, look for the brand known as MoTW, which means that it has been downloaded from the Internet. If this tag is found, Microsoft opens the read-only document. This is how it blocks malware exploitation unless users click the Enable Editing or Enable Content button.

macros vba word malware

Therefore, removing these buttons that allow users to remove MoTW will block macros from unreliable sources by default. Preventing the execution of most malicious documents will be achieved by stopping malware attacks that abuse this vulnerability. From Microsoft’s point of view, this important security enhancement will roll out to other Office channels in the coming months.

And the fact is that despite the fact that we are talking about a series of programs clearly focused on office automation work, the use of VBA macros sometimes make them vulnerable. That is why those from Redmond have been working since last year on a new security function to protect us from this type of attack as much as possible.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *