Microsoft has announced improved protections for users of its Office suite by no longer allowing them to enable macros with a single click.
Small programs designed to help with the execution of repetitive tasks in Microsoft Office applications, macros have long been abused for malicious purposes, and for years Microsoft has been seeking ways to prevent such behaviour.
For documents coming from unknown or untrusted sources, the company has been blocking macros by default, but provided users with the option to enable them by clicking on a yellow warning at the top of the document. Malicious actors have found a way around this by crafting specially-themed documents and luring the intended victims not only into opening them, but also into enabling the macros.
Read More: https://www.securityweek.com/microsoft-ups-office-protections-improved-blocking-macros