Excel 4.0 Macros Will Be Disabled in Order to Protect Users

The macros that will be disabled by default are found in Microsoft 365. The company is aiming to protect its customers from malicious documents by taking this action.

What Are Excel 4.0 Macros?

Excel 4.0 macros, also known as XLM macros, were introduced in 1992 and allowed users to input instructions into cells, which were subsequently performed to complete a job.

Threat actors continue to use XLM macros in malicious documents to download malware or do other undesirable activity twenty years after VBA macros were introduced in Excel 5.0.

Malicious campaigns that use Excel 4.0 XLM macros include TrickBot, Qbot, Dridex, Zloader, and a variety of others.

For years, Microsoft has recommended that users switch from and disable Excel 4.0 XLM macros in favor of VBA macros due to their continuing misuse.

As the VBA macros enable the Antimalware Scan Interface (AMSI), they may be used by security applications to scan macros for harmful activity.

Users can deactivate Excel 4.0 macros using the Excel Trust Center’s Enable XLM macros when VBA macros are enabled setting. Windows admins can disable the functionality via group policies, and users can stop it via the Excel Trust Center’s Enable XLM macros when VBA macros

Read More: https://heimdalsecurity.com/blog/excel-4-0-macros-will-be-disabled-in-order-to-protect-users/