While Microsoft claimed it would block VBA macros on downloaded documents earlier this year, the company recently announced it will roll back the change until further notice.
The tech giant had a change of mind due to customer feedback, according to a report in BleepingComputer. The company failed to explain the reason behind the decision and has yet to publicly inform customers that VBA macros embedded in malicious Office documents will no longer be blocked automatically in Access, Excel, PowerPoint, Visio, and Word.
“Based on feedback, we’re rolling back this change from Current Channel,” the company notified admins in the Microsoft 365 message center. “We appreciate the feedback we’ve received so far, and we’re working to make improvements in this experience. We’ll provide another update when we’re ready to release again to Current Channel. Thank you.”
The change began rolling out in Version 2203, starting with Current Channel (Preview) in early April 2022, with general availability expected in June 2022.
For customers, a welcome change
This was a welcome and highly expected change, given that VBA macros are a popular method to push a wide range of malware strains via phishing attacks with malicious Office document attachments.
With VBA macros blocked by default, everyone was expecting attacks that delivered malware — such as information-stealing trojans and malicious tools used by ransomware groups — to be automatically thwarted. The update, however, will be rolled back for now.
“Based on feedback received, a rollback has started”, replied Angela Robertson, a Principal GPM for Identity and Security on the Microsoft 365 Office team. “I apologize for any inconvenience of the rollback starting before the update about the change was made available.”