Microsoft helps companies harden further against Word Macro attacks

by Surur
September 6, 2021

Is Copilot the best AI companion out there? Help us find out by answering a couple of quick questions!

We reported recently that hackers were using social engineering to trick users into disabling malware protection, allowing macros in infected word documents to take over computers and ultimately company networks.

Microsoft is currently working on rolling out the ability for company admins to disable all active content in documents, even those marked as Trusted.

Currently, network admins can block insecure content from running, but users can always run Trusted content, even when that content has been added to and potentially compromised.

“We are changing the behavior of Office applications to enforce policies that block Active Content (ex. macros, ActiveX, DDE) on Trusted Documents.  Previously, Active Content was allowed to run in Trusted Documents even when an IT administrator had set a policy to block it.”

Users will still be able to view content in Protective View, but all active content will be disabled.

The update is rolling out in October this year.

via BleepingComputer.

Leave a Reply

Your email address will not be published. Required fields are marked

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}