Skip to main content

Macro viruses are back, but Office 2016 has a new feature that can help

microsoft headquarters
Albertus Engbers/123rf
Microsoft Office macro viruses aren’t the only resurgent ’90s phenomenon right now, but they are the one that cause network administrators to lose the most sleep. Microsoft is offering a new tool for Office 2016 that might help.

Enterprise administrators can now set network-wide rules that disable macros for all documents downloaded from the Internet, allowing only locally created macros to run. Microsoft outlined the new features in a blog post on Technet, which also explores the extent of the problem.

It turns out that, in enterprise environments, macro viruses make up the bulk of Office-specific attacks: 98 percent, to be exact. Macros allow Office users to automate all kind of things inside a document, but have also been a popular vector for viruses since the days of Windows 95. Such macro viruses are on an upswing again this year.

“The enduring appeal for macro-based malware appears to rely on a victim’s likelihood to enable macros,” says the Microsoft post. “Previous versions of Office include a warning when opening documents that contain macros, but malware authors have become more resilient in their social engineering tactics, luring users to enable macros in good faith and ending up infected.”

The new feature prevents individual users from enabling macros in certain situations. Network administrators in an enterprise environment can set group policy that makes opening such malware less likely. Three kinds of documents can be filtered:

  • Documents downloaded from file-sharing sites like OneDrive and Dropbox.
  • Documents attached to emails that came from outside the organization (assuming your network uses Outlook and Exchange for email).
  • Documents opened from public shares, such as file-sharing sites.

Administrators can disable macros in all documents that come from these sources, without blocking macros in documents created locally or stored on the company server.

This policy could potentially annoy some users, but it’s likely a good security move for any company concerned about macro viruses. And while there’s no version of this feature in the home version of Office right now, we hope something similar comes along there as well.

Editors' Recommendations

Justin Pot
Former Digital Trends Contributor
Justin's always had a passion for trying out new software, asking questions, and explaining things – tech journalism is the…
Here are all the helpful new features coming to Microsoft Teams soon
A video call in progress on Microsoft Teams.

Building on the momentum of the previously announced Together Mode video chat feature for Microsoft Teams, Microsoft is introducing a list of new abilities and features for its Teams collaboration service.

Announced at Microsoft's all-digital Ignite 2020 conference, the list includes new well-being tools for employees, calling enhancements, and a whole lot more. Here's a look at everything you need to know.
Virtual Commute

Read more
New Microsoft live dictation and transcription feature for Word is now available
A person using MS Word.

A new Transcribe feature is available today in Microsoft Word on the Web for paid Microsoft 365 subscribers. Designed to help writers and journalists instantly and easily transcribe in-person conversations or virtual interviews, Microsoft hopes the feature can help users save time and accomplish more throughout the day.

Like the Dictate feature that already turns spoken words into text in Word, Transcribe in Word on the Web in Microsoft 365 is seamless. It is currently available in any web browser by visiting Microsoft Word online and clicking the Home tab, followed by the down arrow next to the Dictate icon, and then the Transcribe button.

Read more
Office 365 becomes Microsoft 365, adds features and the power of A.I.
office app

It’s Office … only better?

Microsoft is unveiling big changes to its Office 365 product, the company said Monday, starting with a name change: Office 365 is now Microsoft 365, a change meant to signify to customers that more of Microsoft is coming in the subscription service, such as tech support and the power of A.I. The company is using A.I. to create new tools, add new rich content types, and include new cloud-powered experiences.

Read more