Based on a few weeks of community feedback: In Microsoft 365 , macros are no longer turned off by default.

Microsoft 365 logos(Image: Microsoft)

Microsoft has abolished the automatic deactivation of macros in various Office programs, but without communicating this transparently (via Bleepingcomputer ): “Based on feedback, we have reset the setting, an update is in progress ,” said Angela Robertson, Principal GPM for Identity and Security at Microsoft, to justify.

In addition to the pure decision, the manner was also problematic: “I apologize for any inconvenience caused by the rollback before we informed you about it,” added Robertson. The change was made without notice, only later did Microsoft name it in the Office 365 admin center.

In February 2022, Microsoft announced the release of a patch for April that would disable VBA macros in Office programs by default. This means that users can no longer run scripts based on Visual Basic for Applications (VBA). However, the feature was not removed, only deactivated.

Disabled, not removed

So advanced customers could reactivate it and continue using it. VBA macros in Office programs are a common attack vector that can affect companies. Scripts are hidden in macros and distributed on the Internet. Microsoft Office users download and run manipulated macros or Office documents populated with the macros, unaware of the damage they can cause.

A large number of companies use macros for documents that are trusted because they are created internally or are digitally signed with a valid signature, which is why the default deactivation can have a very negative impact on the workflow. The rollback affects Access, Excel, Powerpoint, Visio and Word.

On the other hand, VBA macros are a door opener for all kinds of malware, such as Emotet.