Redmond made the move after looking at its own research, which shows that macro-based attacks are on the rise. Indeed, data pulled from the Office 365 Advanced Threat Protection service shows that no less than 98% of the threats aimed at Office users employ macros.
(In its blog post on the matter, Microsoft does note that this is recorded attempts rather than infections, but it's still a very worrying statistic.)
While Office does already warn the user when they're opening a file with macros – and keeps the document in Protected View when first opened – Microsoft has observed that social engineering tactics to gain the trust of users are on the increase, and therefore more stringent anti-macro measures are good idea.
High risk macros
The new feature allows admins to block easy access to enabling macros in situations which are considered 'high risk', so even if the employee does attempt to leave Protected View, they will be prevented from doing so and informed about the level of risk involved.
High risk documents would include the likes of those downloaded from the internet or consumer cloud storage lockers, or those sent via email from outside the organisation.
Microsoft ends the post with the following advice: "For end-users, we always recommend that you don't enable macros on documents you receive from a source you do not trust or know, and be careful even with macros in attachments from people you do trust – in case they've been hacked."
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Darren is a freelancer writing news and features for TechRadar (and occasionally T3) across a broad range of computing topics including CPUs, GPUs, various other hardware, VPNs, antivirus and more. He has written about tech for the best part of three decades, and writes books in his spare time (his debut novel - 'I Know What You Did Last Supper' - was published by Hachette UK in 2013).