Undoing Microsoft Macros Block By Default
Industry: N/A | Level: Strategic | Source: BleepingComputer
Despite security improvements to block macros by default in Microsoft Office products, overall customer feedback has caused Microsoft to roll back the decision. As reported by BleepingComputer, notifications were provided to admins on Thursday, July 7th, 2022, in 365 message center "Based on feedback, we're rolling back this change from Current Channel." The change also came as a surprise to many admins, not expecting the sudden rollback. "Rolling back a recently implemented change in default behavior without at least announcing the rollback is about to happen is very poor product management." Microsoft has not shared details on the type of feedback the company received to reverse its decision to enable macros by default. The change whilst cumbersome to regular users of Microsoft Office, has impacted widespread malware distribution with threat actors observed to adjust their infection chain for malware such as Emotet and Qakbot. The security implications from the reversal could almost certainly mean threat actors will reuse their old, trusted macro execution TTPs.