Microsoft Office 365 gets protection against malicious XLM macros

silversurfer

silversurfer

Super Moderator
Thread author
Verified
Top Poster
Staff Member
Malware Hunter
Aug 17, 2014
11,114
Microsoft has added XLM macro protection for Microsoft 365 customers by expanding the runtime defense provided by Office 365's integration with Antimalware Scan Interface (AMSI) to include Excel 4.0 (XLM) macro scanning. [...]
Click to expand...
"The recent AMSI instrumentation in XLM directly tackles the rise of malware campaigns that abuse this feature," Microsoft said.
"Because AMSI is an open interface, other antivirus solutions can leverage the same visibility to improve protections against threats."

AMSI-XLM-instrumentation

Image: Microsoft
Click to expand...
"The visibility provided by AMSI leads to significant improvements in generic and resilient signatures that can stop waves of obfuscated and mutated variants of threats," Microsoft added.
Click to expand...
www.bleepingcomputer.com

Microsoft Office 365 gets protection against malicious XLM macros

Microsoft has added XLM macro protection for Microsoft 365 customers by expanding the runtime defense provided by Office 365's integration with Antimalware Scan Interface (AMSI) to include Excel 4.0 (XLM) macro scanning.
www.bleepingcomputer.com www.bleepingcomputer.com
 
  • Like
Reactions: Venustus, Zartarra, upnorth and 7 others
upnorth

upnorth

Level 68
Verified
Top Poster
Malware Hunter
Well-known
Jul 27, 2015
5,458
We are introducing a change to the Excel Trust Center Macro settings to provide a more secure experience for users by default. This new default behavior will disable Excel 4.0 macros.

Note: Users who have already configured this setting or have a group policy configuration in place will not be affected by this change.
Click to expand...
m365admin.handsontek.net

Macro Settings Update to Disable Excel 4.0 Macros by Default - M365 Admin

We are introducing a change to the Excel Trust Center Macro settings to provide a more secure experience for users by default. This new default behavior will disable Excel 4.0 macros. Note: Users who have already configured this setting or have a group policy configuration in place will not be...
m365admin.handsontek.net m365admin.handsontek.net
 
  • +Reputation
  • Like
Reactions: silversurfer, harlan4096 and Gandalf_The_Grey
silversurfer

silversurfer

Super Moderator
Thread author
Verified
Top Poster
Staff Member
Malware Hunter
Aug 17, 2014
11,114
Microsoft will begin disabling Excel 4.0 macros in all tenants using this rollout schedule:
  • Insiders-Slow: will rollout in late October and be complete in early November.
  • Current Channel: will rollout in early November and be complete in mid-November.
  • Monthly Enterprise Channel (MEC): will begin and complete rollout in mid-December.
Microsoft will not be making any changes for users who have manually configured this setting or configured it via group policies.
Click to expand...
www.bleepingcomputer.com

Microsoft is disabling Excel 4.0 macros by default to protect users

Microsoft will soon begin disabling Excel 4.0 XLM macros by default in Microsoft 365 tenants to protect customers from malicious documents.
www.bleepingcomputer.com www.bleepingcomputer.com
 
  • Like
Reactions: mkoundo, Gandalf_The_Grey and harlan4096

Similar threads

Lymphocyte
    • Like
    • Wow
Security News Microsoft Defender adds detection of unsecure Wi-Fi networks
Replies
0
Views
1,519
Security News
Lymphocyte
Lymphocyte
oldschool
    • Like
    • +Reputation
    • Thanks
New Update Enhanced Phishing Protection in Microsoft Defender SmartScreen
Replies
11
Views
905
Windows 11
simmerskool
simmerskool
M
    • Like
Threat actors misusing Quick Assist in social engineering attacks leading to ransomware
Replies
0
Views
429
Microsoft Defender
Microsoft Threat Intelligence
M

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top