January 25, 2022
Microsoft has announced that Excel 4.0 will be disabled by default to protect users from malware.
This consolidate the company’s announcement in October that it would disable XLM macros as long as the users hadn’t turned it on or off manually.
“As planned, we have now made this setting the default when opening Excel 4.0 (XLM) macros. This will help our customers protect themselves against related security threats,” Catherine Pidgeon, a Principal Program Manager Lead at Microsoft noted via a blog post.
Admins can use Group Policy settings, Cloud policies, and ADMX policies to configure the process of running Excel macros.
Admins can block all Excel XLM macro use in their environments by clicking on the “Prevent Excel from running XLM macros” Group Policy. This is configurable via Group Policy Editor or registry key.
By default, XLM macros are disabled in the September fork, Excel version 16.0.14527.20000 and newer versions available in the current Channel builds 2110 or greater, monthly Enterprise Channel builds 2110 or greater.
Others include semi-annual Enterprise Channel (Preview) builds 2201 or greater (first ships in March 2022), and semi-annual Enterprise Channel builds 2201 or greater (will ship July 2022).
For more information, read the original story in BleepingComputer.
