The latest update for Redmond's productivity suite adds the ability to deal with macro malware attacks that may be embedded in one of the software applications.
Adding to the company's fight is a new update for Office 2016 that gives the productivity suite a new set of security features that work to stop macro-malware attacks.
The company admits that the amount of macro-malware attacks targeting Office is a concern, with 98% of all Office bound attacks utilizing macro.
It should be noted that this percentage is all attempted attacks and not ones that were successful, but nevertheless it shows that macro-malware is the chief virus problem for Office at the moment.
Macros should not entirely scare users, as Microsoft points out they are a legitimate way to automate tasks in Office, the problem is when malware is attached to macros. This type of attack is usually hidden in a piece of software, such as a Word document or Excel spreadsheet and needs to be “opened” by a user who thinks they are opening a normal email or document.
That means users generally need to be on the lookout for spam emails, but for Office 2016 users who may have dozens of mails and documents sent each day, it is easier said than done to filter mails manually.
“In response to the growing trend of macro-based threats, we've introduced a new, tactical feature in Office 2016 that can help enterprise administrators prevent the risk from macros in certain high risk scenarios. This feature:
Allows an enterprise to selectively scope macro use to a set of trusted workflows.
Block easy access to enable macros in scenarios considered high risk.
Provide end users with a different and stricter notification so it is easier for them to distinguish a high-risk situation against a normal workflow.”
Microsoft's new update gives an administrator control over the level of macro access users have, while the suite now sends stronger warnings about suspicious emails. The company says this makes the new feature perfect for companies with many Office users, but not necessarily with tech savvy users. Giving the administrator control means individuals will not be opening suspicious emails as regularly.
SOURCE: Microsoft Technet