End User Protection – Microsoft Scheduled to Disable Excel 4.0 XLM Macros by Default

Macros have been a long time favorite of users and threat actors alike. Unfortunately, the same automation that macros afford users for efficiency and convenience have also been abused by threat actors to launch cyber attacks – most notably, Excel 4.0 XLM macros in phishing emails. Some organizations globally disable macros, but for those that have not, be advised that Microsoft will begin disabling Excel 4.0 XLM macros by default in Microsoft 365 tenants. This action is designed to protect users from the less secure macros that are still in use (and abuse) today. For more on the rollout schedule check out BleepingComputer.