F-Secure comment on blocking Office Macros
February 2022 by F-Secure
Following the Microsoft update that it plans to block Office Macros, F-Secure comment:
Callum Roxan, Head of Threat Intelligence: “Any move towards security as a default, and not an option, is a real positive change. Complexity is a serious barrier to security and this change will help many organizations protect themselves. Threat actors will adapt, but macros have been a prevalent threat for a long time and this change will raise the cost and complexity for attackers”.
John Rogers, Senior Incident Response Consultant: “This is a long-awaited change by the cyber security industry which is expected to greatly reduce the chances of harmful malware being delivered via phishing emails. However, it won’t completely remove the threat. This change should not impact the small number of users who are required to run macros as a legitimate business function as it will only change the default behaviour, which admins can change on a case-by-case basis. It’s great to see a secure by design approach which would protect the majority of users as opposed to leaving security up to the untrained user.”