Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Endpoint Security

Office 2013 Gets Macro-Blocking Feature

Microsoft this week announced boosted customer security with a new feature in Office 2013: the ability to block risky macros.

Microsoft this week announced boosted customer security with a new feature in Office 2013: the ability to block risky macros.

The new functionality is Microsoft’s response to the growing trend of macro-abusing malware assaulting users worldwide and is meant to render corporate networks safer from such threats. Enterprise administrators can now block Office 2013 users from running macros in documents that originated from the Internet.

Earlier this year, the Redmond-based tech giant introduced the functionality in Office 2016 to prevent malicious macros from compromising computers in specific scenarios, and now it made it available for more of its customers.

The same as in Office 2016, enterprise admins can enable the option for Word, Excel, and PowerPoint. Control over this feature is available via the respective application’s Group Policy Administrative Templates for Office 2013.

The functionality is meant to work in Office 2013 exactly the same as in Office 2016, Microsoft says. Thus, organizations have the option to selectively scope macro use to a set of trusted workflows, while also being able to block users from enabling macros in scenarios that are considered high risk. Courtesy of a different and stricter notification, users will be able to more easily distinguish between high-risk situations and normal workflow.

The feature is meant to address the issue of risky macros in documents downloaded from websites or cloud storage services such as OneDrive, Google Drive, and Dropbox. Macros in documents received as attachments in emails from outside sources, as well as those opened from file-sharing services are also targeted.

Macros have recently reemerged as a popular malware distribution method after being nearly extinct for almost a decade, when Microsoft decided to turn them off by default in Office. Now, cybercriminals use various social engineering tactics to trick users into enabling macros in malicious documents.

Researchers observed threat groups abusing macros to deliver malware, but this delivery method is mostly used to infect computers with ransomware or banking Trojans. Recently, researchers discovered that attackers create macro-enabled documents and then rename them by changing their extension, so that detection systems wouldn’t block their delivery.

Advertisement. Scroll to continue reading.

Related: Microsoft Blocks Risky Macros in Office 2016

Related: Attackers Disguise Macro Malware by Renaming Files

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Endpoint Security

Today, on January 10, 2023, Windows 7 Extended Security Updates (ESU) and Windows 8.1 have reached their end of support dates.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Endpoint Security

Gigabyte has announced BIOS updates that remove a recently identified backdoor feature in hundreds of its motherboards.

Endpoint Security

Several major companies have published advisories in response to the Downfall vulnerability affecting Intel CPUs.

Application Security

Microsoft on Tuesday pushed a major Windows update to address a security feature bypass already exploited in global ransomware attacks.The operating system update, released...

Endpoint Security

The Zero Day Dilemma

CISO Strategy

Varied viewpoints as related security concepts take on similar traits create substantial confusion among security teams trying to evaluate and purchase security technologies.

Endpoint Security

When establishing visibility and security controls across endpoints, security professionals need to understand that each endpoint bears some or all responsibility for its own...