How can Microsoft Office files be dangerous?
Microsoft Office files (Word documents, Excel spreadsheets, PowerPoint presentations, etc) can contain programming code called Macros. Macros were intended to automate repetitive tasks or add intelligence to Office files. However, these Macros can run malicious code that directly harms our computers (deletes or changes files) or installs malicious software such as a virus or ransomware (software that encrypts the files on your computer and demands a ransom to unencrypt them). In fact, embedding harmful code in Macros is one of the most used methods of obtaining unauthorized access or disrupting the use of a computer.
How Office protects against malicious macros
By default, Microsoft Office applications display a security warning like the one below:
This warning lets you know macros are present in the file you have opened
How to protect yourself against malicious macros
Do not ignore the macro security warning
If you receive the macro security warning, do not click the Enable Content button. The hackers who craft malicious Office documents will attempt to entice you into clicking the button through text in the file and other methods. Please close the file right away.
If you do click the Enable Content button by accident, immediately close the Office application and contact the Help Desk.
Verify your macro settings
To verify the Office security settings for macros in Windows:
- Open any Office application and select a blank file
- Click on the File tab at the top left
- Click Options from the bottom of the menu on the left side
- Click Trust Center on the Options window that opens up
- Click the Trust Center Settings button in the Options window
- Click Macro Settings on the Trust Center window
- Under Macro Settings, make sure the setting is Disable all macros with notification. If you never use files with macros, you can also set it to Disable all macros without notification.
What if I need macros?
If you need to use an Office file containing macros, make sure you know, trust, and have verified the source of the file. Just because it was emailed to you from someone you know isn’t enough; their account may have been compromised by a hacker.