Threat Management, Incident Response, Malware, TDR, Vulnerability Management

New feature in Microsoft Office blocks macro-based malware

Microsoft on Tuesday released a new feature in its Office 2016 software that it claimed can help "enterprise administrators prevent the risk from macros in certain high risk scenarios," according to a Microsoft blog.

Macros are used to load dynamic content in the popular Word, Excel and Powerpoint programs. Criminals deliver macro malware through spam messages, which – via social engineering – trick users into downloading docs. Then they are instructed to exit Protected View and Enable Macros to view the content in its entirety. Malicious scripts in the document's macro are executed, and the malware is loaded from a remote server, downloaded onto the computer and launched.

Microsoft said the update lets an enterprise selectively scope macro use to a set of trusted workflows and provide end-users with a different and stricter notification.

Admins can enable this feature by configuring it under the app's Group Policy Administrative Templates for Office 2016.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds