Configuring Macro Settings
Disabling or limiting Microsoft Office macros can help prevent malicious code from entering your organisation’s network. Compromised macros can often evade basic email content filtering and application whitelisting.
While macros can greatly improve productivity, they can also make your systems vulnerable, especially if they are out-of-date or downloaded from the Internet.
All macros created by users or third parties should be reviewed before being approved for use within the organisation. By understanding the business requirements for the use of macros, and applying the necessary mitigation strategies, organisations can effectively manage the risk of allowing them in their IT environment.
Note: The best approach is to block macros from the Internet and only allow vetted macros either in “trusted locations” with limited write access or digitally signed with a trusted certificate.
In the SECMON1 blog post ‘Security Overview – Information Security Essentials’, we spoke about what Microsoft Office Macros are and why it is an essential security measure to configure or even disable them.
In this document, we provide some basic macro configuration steps to help strengthen your security, along with links where you can learn more about this topic and identify other options available to you.
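A read-only audit of the three controls named in the note above (macros from the Internet blocked, only signed macros allowed, trusted locations with limited write access), as an added PowerShell example that is not SECMON1's own code. It assumes Office 2016 or later (policy hive `16.0`) with policy applied per user under HKCU; the function names `Test-BroadWriteAccess` and `Get-MacroPolicyAudit` are hypothetical.

```powershell
# Added example: read-only audit of Office macro policy for the current user.
# Assumption: Office 2016/2019/Microsoft 365, whose policy hive is versioned "16.0".
$PolicyRoot = 'HKCU:\Software\Policies\Microsoft\Office\16.0'
$Apps       = 'Word', 'Excel', 'PowerPoint'
# Well-known SIDs: Everyone, Authenticated Users, BUILTIN\Users.
$BroadSids  = 'S-1-1-0', 'S-1-5-11', 'S-1-5-32-545'
$SidType    = [System.Security.Principal.SecurityIdentifier]
# Rights that let a principal drop or change files in a folder.
$WriteMask  = [System.Security.AccessControl.FileSystemRights]'WriteData, AppendData'

# True when a broad group holds an Allow ACE with write rights on $Path.
function Test-BroadWriteAccess {
    param([string]$Path)
    $rules = (Get-Acl -LiteralPath $Path).GetAccessRules($true, $true, $SidType)
    foreach ($r in $rules) {
        if ($r.AccessControlType -eq 'Allow' -and
            $BroadSids -contains $r.IdentityReference.Value -and
            [int]($r.FileSystemRights -band $WriteMask) -ne 0) { return $true }
    }
    return $false
}

# One result object per Office application.
function Get-MacroPolicyAudit {
    foreach ($app in $Apps) {
        $sec = Join-Path $PolicyRoot "$app\Security"
        $pol = Get-ItemProperty -Path $sec -ErrorAction SilentlyContinue
        $writable = @()
        # Only policy-defined trusted locations are inspected here;
        # locations a user added sit outside the Policies hive.
        $locKey = Join-Path $sec 'Trusted Locations'
        if (Test-Path -Path $locKey) {
            foreach ($loc in Get-ChildItem -Path $locKey) {
                $path = [Environment]::ExpandEnvironmentVariables([string]$loc.GetValue('Path'))
                if ($path -and (Test-Path -LiteralPath $path) -and (Test-BroadWriteAccess $path)) {
                    $writable += $path
                }
            }
        }
        [pscustomobject]@{
            App                      = $app
            InternetMacrosBlocked    = ($pol.blockcontentexecutionfrominternet -eq 1)
            SignedMacrosOnly         = ($pol.vbawarnings -eq 3)  # 3 = disable all except digitally signed
            WritableTrustedLocations = $writable -join '; '
        }
    }
}

Get-MacroPolicyAudit | Format-Table -AutoSize
```

A `False` in either policy column, or any path listed under `WritableTrustedLocations`, marks a gap against the note's recommendation for that application.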