Microsoft managed to build a file format for spreadsheets, text documents and such, which can be used to run arbitrary code on the PC where it’s opened (via VBA). In a move that no one could have predicted, this is used to distribute malware.
And their bandaid fix is this “Protected Mode”, which is entered when you receive a document from another organization. In Protected Mode, it does not run VBA code until you exit it.
Unfortunately, their solution has conditioned users to basically always exit Protected Mode.
The annoying part is, they could check if the file even contains malicious code. But they don’t and instead default to protected mode, even for basic files.
Microsoft managed to build a file format for spreadsheets, text documents and such, which can be used to run arbitrary code on the PC where it’s opened (via VBA). In a move that no one could have predicted, this is used to distribute malware.
And their bandaid fix is this “Protected Mode”, which is entered when you receive a document from another organization. In Protected Mode, it does not run VBA code until you exit it.
Unfortunately, their solution has conditioned users to basically always exit Protected Mode.
The annoying part is, they could check if the file even contains malicious code. But they don’t and instead default to protected mode, even for basic files.
It’s probably spaghetti enough that just loading it to check would be exploitable.