How Can We Help?

Table of Contents

What is the recommended approach?

You are here:
< All Topics

To protect themselves against malicious macros, organisations should implement one of the following recommended approaches:

  • all macros are disabled
  • only macros from trusted locations are enabled
  • only macros digitally signed by trusted publishers are enabled.

In addition to implementing one of the recommended approaches above, organisations should:

  • implement application control to mitigate a malicious macro running unapproved applications
  • implement email and web content filtering to inspect incoming Microsoft Office files for macros, and block or quarantine them as appropriate
  • implement macro execution logging to verify only approved macros are used (e.g. by logging the execution of known file extensions such as dotm, docm, xlsm, pptm and ppsm)
  • ensure users assigned to assessing the safety of macros have appropriate VBA training.

Categories