Search

MC437557 – (Updated) Reminder: Microsoft Office default change – Blocking VBA macros in files from the internet (archived)

SharePoint Logo

check before: 2022-10-07

Product:

Microsoft 365 Apps, SharePoint, Visio

Platform:

Mac, Online, US Instances, Windows Desktop, World tenant

Status:

Launched

Change type:

Admin impact, Feature update, Updated message, User impact

Details:

Updated September 26, 2022: We have updated the content to show as intended. Thank you for your patience.
VBA macros are a common way for malicious actors to gain access to deploy malware and ransomware. As a reminder (MC322553 in Feb 2022, MC393185 in June 2022), to help improve security, we are changing the behavior of Office applications to now block macros in files from the internet. Learn more in this blog post.

This change only affects Office on devices running Windows and only affects the following applications: Access, Excel, PowerPoint, Visio, and Word.
The change described in this post is scheduled to be included in the following channels:
Monthly Enterprise Channel: Version 2208 on Tuesday October 11, 2022
Semi-Annual Enterprise Channel (Preview): Version 2208 on Tuesday October 11, 2022
Semi-Annual Enterprise Channel: Version 2208 on Tuesday January 10, 2023
Note: If you ever enabled or disabled the Block macros from running in Office files from the Internet policy, your organization will not be affected by this change.

[Key points:]
Timing: Available in Monthly Enterprise Channel and Semi-Annual Enterprise Channel (Preview) in October 2022, available in Semi-Annual Enterprise Channel in January 2023
Action: Review and assess impact

Change Category:
XXXXXXX ...

Scope:
XXXXXXX ...

Release Phase:
Current Channel, Current Channel (Preview)

Created:
2022-09-24

updated:
2022-09-28

the free basic plan is required to see all details. Sign up here


A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.


changes*

DatePropertyoldnew
2022-09-28MC prepareEnterprises should evaluate their use of macros in files obtained from the internet to determine how this new default behavior will affect their users.
To learn more about how to get ready for this change and recommendations for managing VBA macros in Office files, read this article for Office admins.
https://go.microsoft.com/fwlink/?linkid=2185272
https://go.microsoft.com/fwlink/p/?linkid=2185771
Enterprises should evaluate their use of macros in files obtained from the internet to determine how this new default behavior will affect their users.
To learn more about how to get ready for this change and recommendations for managing VBA macros in Office files, read this article for Office admins.
https://go.microsoft.com/fwlink/?linkid=2185272
https://go.microsoft.com/fwlink/p/?linkid=2185771
https://go.microsoft.com/fwlink/p/?linkid=2186005
2022-09-28MC Last Updated09/27/2022 06:15:562022-09-27T18:36:16Z
2022-09-27MC MessageTagNamesFeature update, User impact, Admin impactUpdated message, Feature update, User impact, Admin impact
2022-09-27MC Pictureshttps://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RWUCm6?ver=7b77
2022-09-27MC Last Updated09/23/2022 22:55:542022-09-27T06:15:56Z
2022-09-27MC MessagesVBA macros are a common way for malicious actors to gain access to deploy malware and ransomware. As a reminder (MC322553 in Feb 2022, MC393185 in June 2022), to help improve security, we are changing the behavior of Office applications to now block macros in files from the internet. Learn more in this blog post.

This change only affects Office on devices running Windows and only affects the following applications: Access, Excel, PowerPoint, Visio, and Word.
The change described in this post is scheduled to be included in the following channels:
• Monthly Enterprise Channel: Version 2208 on Tuesday October 11, 2022
• Semi-Annual Enterprise Channel (Preview): Version 2208 on Tuesday October 11, 2022
• Semi-Annual Enterprise Channel: Version 2208 on Tuesday January 10, 2023
Note: If you ever enabled or disabled the Block macros from running in Office files from the Internet policy, your organization will not be affected by this change.

[Key points:]
• Timing: Available in Monthly Enterprise Channel and Semi-Annual Enterprise Channel (Preview) in October 2022, available in Semi-Annual Enterprise Channel in January 2023
• Action: Review and assess impact
Updated September 26, 2022: We have updated the content to show as intended. Thank you for your patience.
VBA macros are a common way for malicious actors to gain access to deploy malware and ransomware. As a reminder (MC322553 in Feb 2022, MC393185 in June 2022), to help improve security, we are changing the behavior of Office applications to now block macros in files from the internet. Learn more in this blog post.

This change only affects Office on devices running Windows and only affects the following applications: Access, Excel, PowerPoint, Visio, and Word.
The change described in this post is scheduled to be included in the following channels:
Monthly Enterprise Channel: Version 2208 on Tuesday October 11, 2022
Semi-Annual Enterprise Channel (Preview): Version 2208 on Tuesday October 11, 2022
Semi-Annual Enterprise Channel: Version 2208 on Tuesday January 10, 2023
Note: If you ever enabled or disabled the Block macros from running in Office files from the Internet policy, your organization will not be affected by this change.

[Key points:]
Timing: Available in Monthly Enterprise Channel and Semi-Annual Enterprise Channel (Preview) in October 2022, available in Semi-Annual Enterprise Channel in January 2023
Action: Review and assess impact
2022-09-27MC TitleReminder: Microsoft Office default change – Blocking VBA macros in files from the internet(Updated) Reminder: Microsoft Office default change – Blocking VBA macros in files from the internet
2022-09-27MC How AffectPreviously, it was possible for end users to enable these macros by simply clicking a button on the Trust bar.
Now, with this change, once a user opens an attachment or downloads from the internet an untrusted Office file containing macros, a message bar displays a Security Risk that the file contains VBA macros obtained from the internet with a Learn More button.
[Picture of the red business bar should be added here.]
The Learn More button goes to an article for end users and information workers that contains information about the security risk of bad actors using macros, safe practices to prevent phishing and malware, and instructions on how to enable these macros (if absolutely needed).
Previously, it was possible for end users to enable these macros by simply clicking a button on the Trust bar.
Now, with this change, once a user opens an attachment or downloads from the internet an untrusted Office file containing macros, a message bar displays a Security Risk that the file contains VBA macros obtained from the internet with a Learn More button.

The Learn More button goes to an article for end users and information workers that contains information about the security risk of bad actors using macros, safe practices to prevent phishing and malware, and instructions on how to enable these macros (if absolutely needed).

*starting April 2022

Last updated 8 months ago

Share to MS Teams

Login to your account

Welcome Back, We Missed You!