April 22, 2021

Macro Vulnerabilities

Macros, a set of commands or code intended to automate specific functions are not dangerous in and of themselves.

Macro Vulnerabilities

Macros are most often used in Microsoft Word and Excel. Although intended to be time saving, macros do come with a security set back. Anyone can write a macro to automate any number of tasks, one of which could be with malicious intentions. One of the most recent macro scams, called Locky, disguises itself as an invoice with an attached word document. Once opened and macros enabled, the attach encrypts your files and provides a note on how to receive the key to access your files.

If Microsoft Macro Protection is enabled, a yellow bar appears at the top of the program with a shield icon and a button marked “Enable Content.” The malicious macro cannot run until you click the enable button, however with the file appearing to come from a trusted source often times the user will enable the macro thinking its required to view the information. Often times the text inside the document will also contain instructions on how to run macros and bypass the security so that the document can be viewed properly.

Microsoft Word and Excel both have macro security features but users still need to be extremely cautious with running macros. Always double check the source of the document and even consider letting IT look at it before you enable macros from a source you do not know.

Related posts:
Cyber Espionage Explained
Read more chevron_right
What is a VPN and How Does it Work?
Read more chevron_right
Why is Phishing Becoming More Frequent?
Read more chevron_right See all blogs chevron_right