IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Microsoft confirms VBA macro backtrack is only "temporary"

More details on the project's timeline will be revealed but there is still no details on the feedback that prompted Microsoft to reverse the change in the first place

Microsoft has said its reported unblocking of VBA macros for Office documents is only a temporary measure and they will be blocked again soon by default.

Security experts were quick to criticise Microsoft after the news broke last week that it would be reversing the change it announced in February, one that was greeted overwhelmingly positively at the time.

In a Friday update to the company’s original announcement blog post, Microsoft explained that the rollback of the default VBA macro block was a temporary measure taken while it makes changes to increase usability.

“This is a temporary change, and we are fully committed to making the default change for all users,” it added.

Microsoft has not detailed the timeline for when it expects to re-enable the default block on VBA macros, but plans to provide additional details “in the upcoming weeks”.

Why did Microsoft backtrack?

Angela Robertson, principal group product manager at Microsoft Office 365’s identity and security team, replied to a user on a Microsoft support forum last week explaining that the company’s heralded new stance on VBA macros was going to be reversed.

The company said in February that it would block them by default for five Office apps - news that was greeted warmly by the community, albeit a move many deemed to be long overdue.

Robertson explained that the decision was made following user feedback and that a more detailed explanation would be reaching the community soon.

Related Resource

Which is the best way to acquire your IT?

Purchase, lease or consumption-based IT solutions

Whitepaper cover with image of female sat on floor with laptop on her kneeFree Download

It’s still unclear what the feedback was to prompt the decision, but Office macros are often used to automate highly manual functions in files such as spreadsheets, and various company departments use them to streamline their workflows.

The issue with VBA macros is that the feature is often abused in phishing attacks. A typical scenario would see a cyber criminal send a specially crafted document to an unwitting victim, encouraging them to download and open the document, such as an Excel file.

The victim would be greeted by a familiar user interface but in order to interact with the document, they would have to click a button in a ribbon to ‘enable content’. This would then trigger a download and installation of malware or ransomware, in a typical attack scenario.

Microsoft’s decision to disable VBA macros by default came into effect in April and experts said the change “had already begun to influence threat actor behaviours to use other things”.

Featured Resources

The Total Economic Impact™ Of Turbonomic Application Resource Management for IBM Cloud® Paks

Business benefits and cost savings enabled by IBM Turbonomic Application Resource Management

Free Download

The Total Economic Impact™ of IBM Watson Assistant

Cost savings and business benefits enabled by Watson Assistant

Free Download

The field guide to application modernisation

Moving forward with your enterprise application portfolio

Free Download

AI for customer service

Discover the industry-leading AI platform that customers and employees want to use

Free Download

Recommended

Microsoft reveals price decreases for Teams Rooms, new free tier
Business operations

Microsoft reveals price decreases for Teams Rooms, new free tier

18 Aug 2022
Microsoft blocking Tutanota users from Teams registration, claims fix unfeasible
Business operations

Microsoft blocking Tutanota users from Teams registration, claims fix unfeasible

8 Aug 2022
Microsoft wins five-year digital transformation deal with Australia’s largest telco
digital transformation

Microsoft wins five-year digital transformation deal with Australia’s largest telco

26 Jul 2022
Slack Connect vs Microsoft Teams Connect: Better than email?
collaboration

Slack Connect vs Microsoft Teams Connect: Better than email?

20 Jul 2022

Most Popular

Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
Google is now spending a staggering amount on blockchain
Business strategy

Google is now spending a staggering amount on blockchain

17 Aug 2022
UK water supplier confirms hack by Cl0p ransomware gang
ransomware

UK water supplier confirms hack by Cl0p ransomware gang

16 Aug 2022