Threat actors turn to QR codes and other creative techniques as macros are blocked
The default blocking of macros in MS Office is forcing threat actors to be more creative with their attack methods, according to the latest report from HP Wolf Security.
There have been increases in the levels of malware delivered in PDFs and zip files, as well as a rise in 'scan scams' using QR codes to trick users into opening links on mobile devices.
Microsoft performs an about-face on Office macro security policy -- albeit a temporary one
VBA macros in Microsoft Office are an incredibly common means of delivering malware, and this is precisely why Microsoft made an announcement earlier this year that macros would be blocked by default. But now the company has changed its mind.
The change will not be permanent, however. Microsoft still plans to block macros in documents obtain from the internet -- it's just not quite clear when. The company says that the change of heart is a result of user feedback, and while macros will remain enabled by default for the time being, this will change at some point in the future; it's just not happening as soon as we thought.
Microsoft will disable Office VBA macros by default to block malware
In so many ways macros have made life easier for Office users, helping to automated and speed up a variety of tasks. But they also pose a gigantic security threat, particularly in documents downloaded from the internet.
Now Microsoft is taking action, and will block internet macros by default in Office. The reason for the move is the widespread exploitation of VBA macros by bad actors to spread malware.