fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Microsoft Says Decision to Unblock Office Macros is Temporary

Microsoft Says Decision to Unblock Office Macros is Temporary

Microsoft says last week’s decision to roll back VBA macro auto-blocking in downloaded Office documents is only a temporary change.

Redmond announced in February that Microsoft Office would automatically block VBA macros in all documents downloaded from the Internet after a rollout stage between April and June.

However, as BleepingComputer first reported last week, soon after this new feature went live for all customers last month, Microsoft warned without any real explanation that this change would be rolled back.

This again leaves Windows and Microsoft Office users exposed to attacks launched via Office documents with embedded malicious macros.

Also Read: In Case You Didn’t Know, ISO 27001 Requires Penetration Testing

“Based on feedback, we’re rolling back this change from Current Channel. We appreciate the feedback we’ve received so far, and we’re working to make improvements in this experience,” Redmond told admins in the Microsoft 365 message center on Thursday.

“We’ll provide another update when we’re ready to release again to Current Channel. Thank you.”

While the company revealed the change to admins following M365 message center updates, it failed to make a public announcement and updated the original notification to say it was a temporary rollback only after customers found Office macro blocking was no longer enabled.

“Following user feedback, we have rolled back this change temporarily while we make some additional changes to enhance usability,” explained Kellie Eickmeyer, a principal program manager at Microsoft, in a Friday update to the February announcement.

“This is a temporary change, and we are fully committed to making the default change for all users. We will provide additional details on timeline in the upcoming weeks.”

Lack of communication leads to confusion

Microsoft pinned the temporary rollback of this much-awaited Office security boost on user feedback and is yet to reveal what it wants to change to improve usability.

Also Read: 4 Considerations In The PDPA Singapore Checklist

“I apologize for any inconvenience of the rollback starting before the update about the change was made available,” Angela Robertson, a Principal GPM for Identity and Security on the Microsoft 365 Office team, told confused customers last week.

Although the company has not shared the negative feedback that led to the rollback, customers have reported they cannot re-enable macros after they’re automatically blocked because they can’t find the Unblock button to remove the Mark-of-the-Web from downloaded files.

Some admins also feel that the decision was a problem for end-users who would find it burdensome to unblock each downloaded Office document multiple times each day.

Office users who still want automatic blocking of macros in downloaded Microsoft Office files enabled on their systems can read our easy-to-follow tutorial here.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us