Microsoft Finally Clarifies Decision To Unblock Potentially Dangerous Office Macros

It's been three or four days since Microsoft rolled back the macro blocking update on "Current Channel" for Microsoft Office 365 users. Finally, we have a confirmed reason and some more information about the future of macros in Microsoft Office.

According to a recent post the reasoning for rolling back the change is to improve usability. This seems to play into the theme that we explored last week when we posited that it is likely many small businesses who rely heavily on macro work in Microsoft Office who might be affected.

"Following user feedback, we have rolled back this change temporarily while we make some additional changes to enhance usability. This is a temporary change, and we are fully committed to making the default change for all users. Regardless of the default setting, customers can block internet macros through the Group Policy settings..." said Kellie Eickmeyer on the Microsoft TechCommunity article about the change.

vba screenshot
Visual Basic for Applications Example

So ultimately, Microsoft still sees the macro as a bad actor access point for malware and viruses. Because of this system administrators still have the capability to enable a group policy that will block macros from unknown sources or downloaded Office files. From a high security perspective it is probably even a good idea to do something like this.

Additionally the long term plan is to re-enable the blocker by default, but for now, that blocker is disabled by default. So it is normal risky behavior as usual. Hopefully the future holds some more clear options for administrators and their users while not hindering capabilities that are needed for most.

excel screenshot
Microsoft Excel Screenshot

As stated in our previous article the roll back happened without warning. This upset many users who were starting to inform their users of the new behavior. A behavior which is definitely far more secure. It ultimately means system administrators have to step back, enforce group policies, communicate to their users, and it just basically adds extra work. At the very least an early warning to system administrators would have been nice in order to give them a chance to prepare.