Microsoft has made it a bit harder for macro viruses to proliferate with a recent change to its default macro security policies. Malware-infected Microsoft Office macros have been around for close to three decades. These exploits involve inserting code into a seemingly innocuous Word or Excel macro, which is then downloaded by an unsuspecting user by clicking on a phishing lure or just a simple misdirected email attachment. Recently, Microsoft changed the default settings, making it harder both for this type of malware to spread and also harder for IT managers who have to figure out how to manage their legitimate macro users. And then, they rolled back these changes, based on user complaints. I explain the details in this post for Avast’s blog.
A better treatment, with lots of specifics on Office group policy settings, can be found in Susan Bradley’s CSO piece here.