One of the attack methods that hackers can use is a simple Word document that they send in the mail. They use macros that are capable of executing the malicious payload and infecting a system, stealing information, etc. Microsoft has had second thoughts about what to do with macros. Now it looks like it’s back to the idea of blocking them by default and that’s going to make it more secure.
Microsoft blocks macros again
Microsoft decided to block macros to avoid attacks through a simple Word or Excel file. However, some time later they re-enabled them and now they have finally backed down and are going to block them again. These are the VBA macros that can be enabled when downloading an Office file.
They ensure that they already have the documentation ready for both users and administrators and can now block them without problems. This novelty will gradually reach the users’ systems. From then on, macros will be automatically blocked in Microsoft Office documents arriving over the Internet.
This affects the different Office applications, such as Access, Excel, PowerPoint or Word. The objective is to break one of the ways that hackers have to sneak malware. They are very common in Phishing attacks, through which cybercriminals invite the victim to click on a file and download it. Malicious macros were automatically executed and the problem started. That will no longer be possible.
They have been working on this change for a long time. In fact, the idea was to launch it between April and June. So it was. But from Microsoft, suddenly, they decided to put it aside and re-enable macros. But it didn’t take long to back down.
The reason there has been some uncertainty is that many users claimed that they could not easily find the option to unlock macros manually. Others, on the other hand, said that it was inconvenient to have to do this step continuously every time they downloaded a file.
Avoid attacks with Word files
We have seen that Microsoft has taken a first step to help us maintain secure when downloading Word or Excel files that we download by email. But it is important to take other additional measures to ensure that our privacy and security are protected at all times and there are no problems.
The most important thing is common sense. You should never download and open documents without really knowing who is behind it. It is advisable to know the source and not download files that may be dangerous. It is essential to avoid making mistakes to protect the system from many types of malware that arrive through this means.
It is also a good idea to have a good antivirus. This type of program will help you detect malware that may reach the system and eliminate it if necessary. There are many options to protect your computer, but you should always choose one that is guaranteed to work properly.
Likewise, having everything updated is going to be very important to avoid security problems. Always install all Windows patches and updates and thus avoid vulnerabilities that can be exploited.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.