Microsoft Office is delaying blocking dangerous macros that can be used to exploit vulnerabilities in Apple Macs. The company said in a statement on Thursday that it was making the change because of the potential for abuse. “We are aware of some potential misuse of macros and have decided to delay their blocking until we have more information about how they are being used,” Microsoft said. Apple has already warned users about the dangers of macros, saying they can be used to exploit vulnerabilities in Macs.


Microsoft announced earlier this year that it would block VBA macros in downloaded Office documents, due to how popular they are for distributing malware. However, those plans are now on hold.

Bleeping Computer reports that Microsoft is rolling back the change that blocked macros in Word, Excel, and PowerPoint documents downloaded from the web. The company said in the Microsoft 365 message center, “based on feedback, we’re rolling back this change from Current Channel. We appreciate the feedback we’ve received so far, and we’re working to make improvements in this experience. We’ll provide another update when we’re ready to release again to Current Channel.”

Visual Basic for Applications (VBA) macros were first introduced in Office 97, and are currently available on Windows and Mac. They can be used to automate document editing and interface with the underlying operating system, and to send data between Office applications. The unrestricted nature of macros (and popularity of Office apps) has made them a popular choice for malware distribution. A computer can be compromised if someone downloads a Word document, and then allows the macro to run when prompted.

Microsoft previously planned to block macros from running across Access, Excel, PowerPoint, Visio, and Word. The update wasn’t limited to the latest versions of Microsoft Office, either — Microsoft said in February that macros in downloaded files would be blocked in Office LTSC, Office 2021, Office 2019, Office 2016, and Office 2013. Microsoft had already rolled out the change in some preview channels.

There’s not a full explanation yet for why Microsoft is reversing the decision just before it was scheduled to roll out to everyone. The company told Bleeping Computer that it “doesn’t have anything more to share.”

Source: Bleeping Computer