This happens even though Microsoft has been encouraging the transition to the more secure Visual Basic for Applications (VBA) for quite some time now. Such measures had to be taken because malicious third parties abuse macros to inject malware into enterprise systems frequently, so their continued use facilitates a relatively accessible attack window.

Security threats prompted XLM macro restrictions in Excel

The Redmond-based tech giant tried to tackle this problem to some extent by introducing runtime inspection of XLM macro code, back in March 2021. Now, Microsoft announced that it will restrict XLM macros by default for customers utilizing Excel, after hinting at it back in July 2021, and the change is now rolling out publicly. Be default, the Excel Trust Center option for the use of macros will indicate that the language is disabled. IT admins and organizations obviously still have the ability to modify the default behavior using Group Policy, Cloud policies, and ADMX policies.

Cloud policies may be deployed with the Office cloud policy service for policies in HKCU.  Cloud policies apply to a user on any device accessing files in Office apps with their AAD account. ADMX policies may be deployed with Microsoft Endpoint Manager (MEM) for both HKCU and HKLM policies. These settings are written to the same place as Group Policy, but managed from the cloud in MEM. There are two methods to create and deploy policy configurations: Administrative templates or the settings catalog.

The new default configuration is now rolling out for the following customers:

Current Channel builds 2110 or greater (first released in October) Monthly Enterprise Channel builds 2110 or greater (first released in December) Semi-Annual Enterprise Channel (Preview) builds 2201 or greater (we create this in January 2022, but it first ships in March 2022) Semi-Annual Enterprise Channel builds 2201 or greater (will ship July 2022)

Just to make sure there aren’t any confusions, it applies to the September fork version 16.0.14527.20000 and above. Of course, IT admins can also choose to completely disable the use of existing and new XLM macros across an organization for enhanced security. What are your feelings on these latest seurity measures imposed by Microsoft? Share your thoughts with us in the comments section below.

Name * Email * Commenting as . Not you? Save information for future comments
Comment

Δ