Microsoft Backtracks (Temporarily?) on Policy to Block All Macros with Mark of the Web

A Microsoft official announces in blog comments (!) that the company is rolling back its recently implemented VBA-blocking policy.

Big shout-out to Vince Hardwick, who alerted me on Twitter that Microsoft has very quietly begun rolling back its default blocking of VBA macros that just went into effect with Office version 2203 and started rolling out on April 12, 2022.

The rest of the Twitter thread links back to this Microsoft Tech Community article, Helping users stay safe: Blocking internet macros by default in Office, where Vince asked in the comments about an apparent rollback of this new feature:

Is it just me or have Microsoft rolled this change back on the Current Channel?, posted by vincehardwick at 2022-07-06 8:33 AM

Amazingly, Microsoft official Angela Robertson responded in the affirmative:

@vincehardwick Based on feedback received, a rollback has started. An update about the rollback is in progress. I apologize for any inconvenience of the rollback starting before the update about the change was made available. @PhoebeYuan FYI

A Temporary Rollback?

As Twitter user @exceloffthegrid notes, there's a very good chance this is simply a delay as Microsoft works through the biggest issues raised via "feedback received" as a result of this change.  

I personally believe the policy itself is sound.  VBA-enabled Office files are a significant threat.

That said, Microsoft clearly didn't expect Office users to respond to their policy change with a collective rage that made women scorned lean back in their chairs and say, "Now that's fury!"


UPDATE [2022-07-11]: Microsoft has officially confirmed they are rolling back the change and that it is only temporary.  Here's their update message:

Following user feedback, we have rolled back this change temporarily while we make some additional changes to enhance usability. This is a temporary change, and we are fully committed to making the default change for all users.

Regardless of the default setting, customers can block internet macros through the Group Policy settings described in this article.

We will provide additional details on timeline in the upcoming weeks.

Referenced articles

Office to Disable All VBA Code in Files from the Internet
Beginning in April 2022, users will no longer have the option to manually enable VBA code in Office files downloaded from the internet.
Yes, VBA-Enabled Office Docs are a Significant Threat
VBA-enabled documents are commonly used to open the door for more virulent malware.

External references

Helping users stay safe: Blocking internet macros by default in Office
It’s a challenging time in software security; migration to the modern cloud, the largest number of remote workers ever, and a global pandemic impacting staffing and supply chains all contribute to changes in organizations. Unfortunately, these changes also give bad actors opportunities to exploit or…

All original code samples by Mike Wolfe are licensed under CC BY 4.0