D2
Администратор
- Регистрация
- 19 Фев 2025
- Сообщения
- 4,380
- Реакции
- 0
В конце года специалисты Microsoft отключат возможность запуска макросов XLM в Office 365 по умолчанию. Этот тип макросов также известен как Excel 4.0 Macros, так как впервые был внедрен в этой версии редактора электронных таблиц еще в 1992 году. С тех пор макросы регулярно использовались для кибератак, а в прошлом году частота использования такого вредоносного ПО серьезно повысилась.
Microsoft plans to disable a legacy feature known as Excel 4.0 macros, also XLM macros, for all Microsoft 365 users by the end of the year, according to an email the company has sent customers this week, also seen by The Record. Introduced in 1992 with the release of the Excel 4.0 software — from where the feature also gets its name — XLM macros allow users to enter complex formulas inside Excel cells that can execute commands, either inside Excel or the local filesystem. While XLM macros were replaced with the release of Excel 5.0, which introduced VBA-based macros, support for this feature has remained inside the Office Excel software to this day.
Excel 4.0 macros have been widely abused over the past two years As with most Office tools that allow basic scripting-like actions, the feature has been abused over the course of the past decades by both financially motivated groups and state-sponsored threat actors alike. But the abuse has never been as rampant as it has been since early 2020 when several security researchers noted the sudden and unexplainable increased attention XLM macros had been getting from numerous top-tier threat actors. Reports from VMWare, ReversingLabs, Lastline, MadLabs, Expel, DeepInstinct, and many others referenced a spike in malware strains and threat actors abusing XLM macros, used in anything from cyber-espionage to banking trojans, and from ransomware to cryptocurrency theft.
Microsoft plans to disable a legacy feature known as Excel 4.0 macros, also XLM macros, for all Microsoft 365 users by the end of the year, according to an email the company has sent customers this week, also seen by The Record. Introduced in 1992 with the release of the Excel 4.0 software — from where the feature also gets its name — XLM macros allow users to enter complex formulas inside Excel cells that can execute commands, either inside Excel or the local filesystem. While XLM macros were replaced with the release of Excel 5.0, which introduced VBA-based macros, support for this feature has remained inside the Office Excel software to this day.
Excel 4.0 macros have been widely abused over the past two years As with most Office tools that allow basic scripting-like actions, the feature has been abused over the course of the past decades by both financially motivated groups and state-sponsored threat actors alike. But the abuse has never been as rampant as it has been since early 2020 when several security researchers noted the sudden and unexplainable increased attention XLM macros had been getting from numerous top-tier threat actors. Reports from VMWare, ReversingLabs, Lastline, MadLabs, Expel, DeepInstinct, and many others referenced a spike in malware strains and threat actors abusing XLM macros, used in anything from cyber-espionage to banking trojans, and from ransomware to cryptocurrency theft.