Excel macros were a game-changer when released, but over the last decade have become much better known as a vector for malware.

In July of 2021, Microsoft released a new Excel Trust Center setting option to restrict the usage of Excel 4.0 (XLM) macros. Now Microsoft has said they have made this setting the default when opening Excel 4.0 (XLM) macros.

XLM is disabled by default in the September fork, version 16.0.14527.20000+

  • Current Channel builds 2110 or greater (first released in October)
  • Monthly Enterprise Channel builds 2110 or greater (first released in December)
  • Semi-Annual Enterprise Channel (Preview) builds 2201 or greater (we create this in January 2022, but it first ships in March 2022)
  • Semi-Annual Enterprise Channel builds 2201 or greater (will ship July 2022)

Customers can manage this setting by following the instructions shared in the original blog post here. Administrators can also use the existing Microsoft 365 applications policy control to configure this setting.

via BleepingComputer

Comments