Microsoft U-turns on decision to block Office macros by default

Microsoft takes U-turn on decision to block Office macros by default

Image:
Microsoft takes U-turn on decision to block Office macros by default

The company said earlier that it would block VBA macros by default in a variety of Office apps, it has now mysteriously reversed this decision

Microsoft has decided to reverse its plan to block Office macros by default.

On Thursday, the company informed admins in the Microsoft 365 message centre that it was rolling back its decision to block Office macros from Current Channel in light of user criticism.

"We appreciate the feedback we've received so far, and we're working to make improvements in this experience," the company said.

"We'll provide another update when we're ready to release again to Current Channel. Thank you."

The decision implies that macros will no longer be blocked by default in Microsoft Office applications such as Word, Excel, PowerPoint, Access and Visio.

For the past several months, the Redmond-based company has been holding conversations with customers regarding its choice to disable internet macros by default in Office applications.

Visual Basic for Applications (VBA) macros are powerful automation tools that can add functionality to Microsoft Office. However, hacking groups often abuse them to distribute harmful payloads like ransomware to unsuspecting users.

In February, Microsoft announced that it would begin blocking VBA macros by default in a variety of Office apps - making it more difficult for threat groups to remotely install malware via compromised documents.

Early in April 2022, the change was introduced in Version 2203, starting with Current Channel (Preview), and it was scheduled to become generally available in June 2022.

The company said that once the new functionality came into effect, Office users would no longer be able to enable macros with a single click of a button. While it would still be possible to turn macros on, the simple confirmation pop-up would no longer appear. Instead, users would see a message bar informing them that macros are blocked, alongside an option to learn more.

Microsoft's latest decision to roll back the change is unexpected, since the cybersecurity community mostly supported the company's choice to block macros in Office products.

So far, the firm has not given a detailed explanation for this decision.

In fact, there wasn't even a private advisory about the change until Microsoft users started detecting the change in the Current Channel on Wednesday.

The reversal caused the "Enable Editing" and "Enable Content" boxes to reappear at the very top of downloaded Office documents that had embedded macros. These buttons had previously been removed.

In the comments section of a blog post that Microsoft published in February, a Microsoft Office users asked, "Is it just me or have Microsoft rolled this change back on the Current Channel?"

Microsoft principal GPM, identity and security Angela Robertson reacted to user inquiries about the reversal.

"Based on feedback received, a rollback has started. An update about the rollback is in progress," Robertson said. "I apologise for any inconvenience of the rollback starting before the update about the change was made available."

Another user voiced their dissatisfaction with Microsoft's "lack of communication" and requested that the company provide further information about the rollback "elsewhere."

Additionally, the user requested that Microsoft be more transparent about the changes it makes to a feature that is used by a large number of people.