Thank God they quickly closed this loophole..
.. after all, it has only been around for some 5..6 years. How agile.
I'd say "feeling lucky yet?" but that's ™ Google now, I think.
Microsoft in March will start blocking Excel XLL add-ins from the internet to shut down an increasingly popular attack vector for miscreants. In a one-sentence note on its Microsoft 365 roadmap, the vendor said the move was in response to "the increasing number of malware attacks in recent months." Security researchers have …
The correct thing for MS to do, is stop letting documents (and other apps) have access to OS files, and toss in some other common sense limits. But that would just be to simple of a fix. Also might stop people buying newer versions that only have more bloat, with the same insecurities - by design.
Although that is the description used by Microsoft, it is a particularly poor description. -- a problem with trying to use one word to describe a system with several independent variables
In the brave new world of 'blocked' VBA, VBA, which was already blocked, must now be unblocked from a check box in Windows Explorer / File Explorer, rather than from a button in the Office Application, and a policy may be set to choose either behavior.