Macro malware remains one of the oldest yet apparently still effective in circulation today. Its resurgence in the last few years— notable recent examples of it being featured include DRIDEX
ransomware—show that despite Microsoft having already taken steps to try and counter this threat (Microsoft disabled macros by default from Office 2003 versions and up), many users still fall victim to it, no thanks to well-crafted social engineering tactics.
[Read: 20 Years of Macro Malware: From Harmless Concept to Targeted Attacks]
It comes to no surprise, then, that the software giant is trying once again to help address this issue, and it comes in the form of a new feature rolled out with the latest Microsoft Office 2016 suite.
So what’s the new feature all about? Microsoft explains that the new feature will allow corporate network administrators to block the execution of macros that retrieve content from untrusted sources, i.e. from the Internet or anywhere outside the company or organization network. Simply put, if this feature is activated, then no one in the company network will be able to execute macros on any downloaded Office document.
While this is not the end-all solution of macro malware, this is still a great step in combating its current effectiveness, as it limits the chances of an employee inadvertently executing malicious macros in a moment of weakness (or carelessness). Of course, one will also have to contend with not being able to execute macros even when they’re from a verified outside source, but it’s better to be safe than sorry.
Here’s a quick guide to activate the feature:
- Download the Office 2016 Administrative Template files (ADMX/ADML) and Office Customization Tool from Microsoft's website.
- Open the Group Policy Management Console. Click Start > Control Panel > Administrative Tools > Group Policy Management.
- Locate and right-click the Group Policy Object that you want to configure and click Edit.
- Select the Group Policy Management Editor, go to User Configuration.
- Select Administrative templates > Microsoft Word 2016 > Word options > Security > Trust Center.
- Open the Block macros from running in Office files from the Internet option and enable it.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.