Microsoft Office 2016 Blocks Malicious Macros
Microsoft released a new feature in Office 2016 that helps administrators prevent macro-based malware infections.Microsoft is making it tougher for enterprises to fall victim to macro-based attacks that prey on Office users. A new policy-setting feature in Office 2016 allows administrators to block macros from untrusted sources. Office macros are sharable bits of code that are meant to automate mundane and repetitive tasks, allowing users to save time while working on Microsoft Word, Excel and PowerPoint files. Naturally, malware authors had other plans. Macro-based malware continues to be a thorn in the side of IT personnel tasked with securing their organizations' systems. According to data from Microsoft's own Office 365 Advanced Threat Protection service, 98 percent of threats targeting Office in the enterprise employ macros. Microsoft has tried to mitigate the threat with the Protected View feature in Word, Excel and PowerPoint. Available since Office 2010, Protected View is a sandboxed version of a given document that disables macros and other potentially unsafe content. It generates a warning message, but users still have the option to enable editing, which opens the file using the software's full capabilities.
According to Microsoft, attackers are growing more adept at using social-engineering tactics to prod users into opening unsafe Office files. Borrowing phishing techniques, attackers may include warnings of their own in the body of an email, paradoxically labeling their own unsafe files as protected content that requires users to enable editing if they want access to the information contained within.