Microsoft says last week’s decision to roll back VBA macro auto-blocking in downloaded Office documents is only a temporary change.
Redmond announced in February that Microsoft Office would automatically block VBA macros in all documents downloaded from the Internet after a rollout stage between April and June.
However, as BleepingComputer first reported last week, soon after this new feature went live for all customers last month, Microsoft warned without any real explanation that this change would be rolled back.
This again leaves Windows and Microsoft Office users exposed to attacks launched via Office documents with embedded malicious macros.
“Based on feedback, we’re rolling back this change from Current Channel. We appreciate the feedback we’ve received so far, and we’re working to make improvements in this experience,” Redmond told admins in the Microsoft 365 message center on Thursday.
“We’ll provide another update when we’re ready to release again to Current Channel. Thank you.”
While the company revealed the change to admins following M365 message center updates, it failed to make a public announcement and updated the original notification to say it was a temporary rollback only after customers found Office macro blocking was no longer enabled.
“Following user feedback, we have rolled back this change temporarily while we make some additional changes to enhance usability,” explained Kellie Eickmeyer, a principal program manager at Microsoft, in a Friday update to the February announcement.
“This is a temporary change, and we are fully committed to making the default change for all users. We will provide additional details on timeline in the upcoming weeks.”
Lack of communication leads to confusion
Microsoft pinned the temporary rollback of this much-awaited Office security boost on user feedback and is yet to reveal what it wants to change to improve usability.
“I apologize for any inconvenience of the rollback starting before the update about the change was made available,” Angela Robertson, a Principal GPM for Identity and Security on the Microsoft 365 Office team, told confused customers last week.
Although the company has not shared the negative feedback that led to the rollback, customers have reported they cannot re-enable macros after they’re automatically blocked because they can’t find the Unblock button to remove the Mark-of-the-Web from downloaded files.
Some admins also feel that the decision was a problem for end-users who would find it burdensome to unblock each downloaded Office document multiple times each day.
Office users who still want automatic blocking of macros in downloaded Microsoft Office files enabled on their systems can read our easy-to-follow tutorial here.
Source: www.bleepingcomputer.com