While Office 2016 is Microsoft's lead productivity suite, millions of users are still back on Office 2013. The older service is more open to threats, especially in an increased macro-borne threat environment. To help secure Office 2013, Microsoft has drafted in a feature from its newer Office 2016 suite.
Microsoft says macro-borne threats are a real problem. The company says macros are actually a legitimate way to automate tasks in Office. It is hardly a surprise that they have also become a way to deliver malware to Office 2016/2013.
This type of attack is usually hidden in a piece of software, such as a Word document or Excel. Microsoft said “In response to the growing trend of macro-based threats, we've introduced a new, tactical feature in Office 2016.”
Earlier in the year, Microsoft rolled out a new feature for Office 2016 that allowed admins to block macros. The company admits that the amount of macro-malware attacks targeting Office is a concern. Indeed, 98% of all Office targeted attacks come through macros.
The feature gives more control over macro access, while alerts about suspicious emails are now more robust.
Macro-Malware Protection in Office 2013
Microsoft has now brought this feature to Office 2013. Announced in a blog post, the company says admins will need to use Group Policy Templates.
“We are pleased to announce that, as of September 2016, this feature is now part of Office 2013 – and it works in the same way as it does in Office 2016. Administrators can enable this feature for Word, Excel, and PowerPoint by configuring it under the respective application's Group Policy Administrative Templates for Office 2013.”