Microsoft adds Antivirus to Office Apps to tackle macro malware

Home » Office » Office 365

Reading time icon 2 min. read

Calendar icon Published on

by Anmol Mehrotra 

published on

Share this article

Readers help support MSpoweruser. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more

Microsoft has integrated all the Office apps with Antivirus to prevent macro malware attacks. The company is using Antimalware Scan Interface (AMSI) to tackle VBA macros embedded in documents.

Recently, we reported how hackers used Microsoft Excel Documents to carry out CHAINSHOT Malware Attack. These types of attacks are getting common and allow hackers to gain easy access to the victim’s computer. The new AMSI interface is already being added by various Antivirus companies to prevent attacks via malicious JavaScript, VBScript, and PowerShell.

When a potentially high-risk function or method (a trigger; for example, CreateProcess or ShellExecute) is invoked, Office halts the execution of the macro and requests a scan of the macro behavior logged up to that moment, via the AMSI interface.

– Microsoft

Microsoft future notes that the solution might not be perfect but it’s better than nothing. That said since Microsoft is using ATP and Windows Defender, the results can be shared and can block new threats. The Office AMSI integration is turned on by default in all Office 365 applications that support VBA macros, including Word, Excel, PowerPoint, and Outlook. Microsoft will scan all the Macros unless they’re signed by a trusted party or they’re opened in a trusted location.

Source: Microsoft; Via: CSO

Anmol Mehrotra

Anmol Mehrotra Shield

Android and Windows News Reporter

Anmol covers Android and Windows news. He's a tech writer with over a decade of experience.

User forum

0 messages