Five months after announcing plans to disable Visual Basic for Applications (VBA) macros by default in the Office productivity suite, Microsoft appears to have rolled back its plans.
"Based on feedback received, a rollback has started," Microsoft employee Angela Robertson said in a July 6 comment. "An update about the rollback is in progress. I apologize for any inconvenience of the rollback starting before the update about the change was made available."
When reached by The Hacker News, Redmond said its decision to reverse course was temporary and that it's working to incorporate further usability improvements.
"Following user feedback, we have rolled back this change temporarily while we make some additional changes to enhance usability," a Microsoft spokesperson said. "This is a temporary change, and we are fully committed to making the default change for all users. Regardless of the default setting, customers can block internet macros through the Group Policy settings described in this article."
The company further said that it would share additional details on the timelines in the upcoming weeks.
In February 2022, the tech giant said it was disabling macros by default across its products, including Word, Excel, PowerPoint, Access, and Visio, for documents downloaded from the web in an attempt to mitigate potential attacks that abuse the functionality for deploying malware.
Are you aware of the risks associated with third-party app access to your company's SaaS apps? Join our webinar to learn about the types of permissions being granted and how to minimize risk.RESERVE YOUR SEAT
"Bad actors send macros in Office files to end users who unknowingly enable them, malicious payloads are delivered, and the impact can be severe including malware, compromised identity, data loss, and remote access," Microsoft noted at the time.
(Update: The story has been updated to include a statement from Microsoft. The headline has been revised to reflect the fact the changes are temporary.)