Cybercrooks amp up attacks via macro-enabled XLL files

Cybercriminals are once again abusing macro-enabled Excel add-in (XLL) files in malware attacks at a vastly increased rate, according to new research. HP Wolf Security revealed that .xlam files are now the seventh most commonly abused file extension in Q3 2023, rising 35 places from 42nd on the list in Q2. XLL attacks aren't …

  1. mark l 2 Silver badge

    Whether MS Office is inherently insecure is up for debate, but the fact that Microsoft Office has a virtual monopoly for office software in businesses means that these sorts of things are going to come up time and time again. Software monocultures are a bad thing. Windows and Office are such a huge target for criminals attacking businesses as they know they are 99% likely to be using one or both products.

    1. Paul Crawford Silver badge
      Facepalm

      Whether MS Office is inherently insecure is up for debate

      Oh I think that debate was settled years ago

  2. sitta_europea Silver badge

    "...seemingly benign Microsoft Office documents..."

    There's no such thing.

  3. david 12 Silver badge

    Microsoft's 2022 intervention

    Visual Basic for Applications (VBA) macros, which are now blocked by default courtesy of Microsoft's 2022 intervention, a move that was seen at the time as long overdue.

    Jesus Mary and Joseph, am I the only one here who uses VBA macros? VBA macros have been blocked by default for decades now. The "2022 intervention" added another form of blocking, and an extra step of unblocking.

  4. Andy The Hat Silver badge

    And still ... they come

    It must be 30 years or more since the first office macro malware. It was considered a stupid idea to let "data" have access to any feature outside the immediate application then and, surprisingly, it still is now.

    So why is "data" still allowed vectors to break out of the application?

    Is it so a new macro system can be introduced in one version and a disable button introduced in the next as a "latest and greatest new feature"?

    1. david 12 Silver badge

      Re: And still ... they come

      a stupid idea to let "data" have access to any feature

      From the very beginning, a primary use case for PCs was mail-merge -- word processing and database.

      Every text processing system I used, back from my mainframe days, through my minicomputer days, into my PC days, had macro ability and database connectivity (although in many cases "database" was just a tape or a file). It wasn't just unix that worked by linking small utilities together -- DOS 1 included "edlin" and "sort" and "find", with documentation on how to use those tools to manage data and create reports.
