As long as I can remember, macros have been a huge potential for problem with Microsoft Office. Whether they were deliberately infectious or just poorly written, bad macros can halt Office apps, freeze the entire system, and even cause corrupted files.
It’s about time, but Microsoft is releasing a new feature for Office 2016 that effectively blocks highly suspect macros.
According to the feature announcement, this new feature:
- Allows an enterprise to selectively scope macro use to a set of trusted workflows.
- Block easy access to enable macros in scenarios considered high risk.
- Provide end users with a different and stricter notification so it is easier for them to distinguish a high-risk situation against a normal workflow.
Controlled using Group Policy, administrators can control how macro access works in each application and protect against local, Internet, and email-based macros. The GPO Administrative templates for Office 2016 are required, and once applied the settings can be accessed at:
Administrative templates > Microsoft Word 2016 > Word options > Security > Trust Center
The setting to configure is called:
Block macros from running in Office files from the Internet