Interview with RunAs Radio

I had the honor of being a guest at RunAsRadio with host Richard Campbell where we discussed security in Office macros and how you can secure your enterprise. Click the image to listen to the podcast:

Office macros need security? Yes! Richard chats with Karim El-Melhaoui about the issues around Office macros. With default settings, VBA macros in the Office suite are incredibly powerful and are an effective malware vector. While Microsoft has some built-in capabilities to warn users about enabling macros, modern malware makers have been socially engineering users to bypass those protections. You can go heavy handed and disable macros with group policy, but what if you need them? Karim talks about some of the latest features coming in the Windows 10 Creators Update to provide more granular security for Office macros. But maybe it’s time to move away from them entirely?

To get started:

Attack Surface Reduction – Windows 10 1709:

Attack Surface reduction were discussed in the interview and is a powerful mitigation that were introduced in Windows 10 Fall Creators Update. It gives several options for blocking common macro attacks.

Also look into blocking macros originating from the internet, more information is covered in a detailed blog post from Microsoft:

New feature in Office 2016 can block macros and help prevent infection

 

Hoping to write a more detailed blog post covering ASR in Windows 10 1709..

Published by

Karim El-Melhaoui

Working as a Technical Architect in Advania Norway with focus on Microsoft Infrastructure, Cloud and security. My daily tasks are advisory, design and implementation of products and security measures for companies Continously focusing on developing my skillset and staying up to date within newest in Technology. Microsoft Certified Trainer, MCSE Cloud Platform & Infrastructure and Mobility, MCSA Windows Client, Server and Office 365

Leave a Reply

Your email address will not be published. Required fields are marked *