Microsoft blocks macros from running in Office files from the Internet

The issue of Office VBA macros has come to an end, and Microsoft has restarted to disable VBA macro modules from the Internet by default. That is, if a user downloads an Office file from the Internet with a VBA macro module, it will be blocked from running, even if the user manually clicks to run.

This security strategy is mainly used to avoid phishing attacks. Many attackers will forge so-called orders to induce corporate personnel to manually load macro modules. In view of the great threat of such attacks and the growing trend, Microsoft has decided to block the operation of such macros by default to improve security.

Microsoft has banned macros from running on the Internet since April, after the company temporarily withdrew the security measure on July 8 due to strong opposition from many companies. At that time, Microsoft had emphasized that the withdrawal was only temporary and would continue to implement the policy, but it was unexpected that Microsoft had resumed the measure so quickly today.

“Based on our review of customer feedback, we’ve made updates to both our end user and our admin documentation to make clearer what options you have for different scenarios,” Microsoft explained in a new update in the Microsoft 365 message center. “For example, what to do if your users have files on SharePoint or files on a network share.”

“If you ever enabled or disabled the Block macros from running in Office files from the Internet policy, your organization will not be affected by this change,” Microsoft added.