{"id":19565,"date":"2022-07-11T08:30:03","date_gmt":"2022-07-11T16:30:03","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2022\/07\/11\/news-13298\/"},"modified":"2022-07-11T08:30:03","modified_gmt":"2022-07-11T16:30:03","slug":"news-13298","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2022\/07\/11\/news-13298\/","title":{"rendered":"Now\u2019s the time to prep for Microsoft\u2019s Excel macro crackdown"},"content":{"rendered":"

<\/p>\n

Credit to Author: Susan Bradley| Date: Mon, 11 Jul 2022 08:56:00 -0700<\/strong><\/p>\n

On July 8, Microsoft pulled back from its decision in February to block macros in Excel documents by default. Microsoft had said it would block Excel files that contained macros if they were downloaded from the internet. (Malicious actors use these lures as a way to launch attacks on networks; specifically, ransomware and other types of malicious activity can launched from a plain, old malicious spreadsheet.)<\/p>\n

Microsoft still plans to put this blocking in place, but only after \u201ca better experience.\u201d In the meantime, there are actions you can take now so you won\u2019t need to worry about the change in the future.<\/p>\n

If you work for a firm that\u2019s developed spreadsheets for your own internal office use, chances are the spreadsheet does not have a digital signature. Signing machos is similar to how websites use SSL certificates to validate the site is legit. The hardest part of the self-signing process is deciding whether you want to purchase a code-signing certificate or use the self-signed certificate process. (I can tell you from personal experience that trying to purchase a code-signing certificate is an expensive and cumbersome process. I don\u2019t recommend that option, except for large enterprises where the code-signing process is routine.)<\/p>\n

For everyone else, I recommend that you self-sign your Excel macros. The tricky part is getting the program that allows you to do so. You\u2019ll need to follow this Knowledge Base\u00a0article<\/a>\u00a0to find the location of the file selfcert.exe on your computer. In my case, the file is located in \u201cC:Program FilesMicrosoft OfficerootOffice16″ (if you’re running the 64-bit version of Office). Launch the selfcert.exe program and name the certificate something descriptive such as MyExcelFiles.<\/p>\n

In the search box on your Windows computer, type in mmc.exe to launch the Management console. Click on file, then on \u201cadd\/remove snap in,\u201d then on the \u201csnap in certificates,\u201d and add it to your management view. You\u2019ll want to add it to \u201cMy user account.\u201d Click on certificates> current user and then on the personal certificate store. You should now see that \u201cMyExcelFiles\u201d certificate in your certificate store. You can double-click on it to review the certificate. (It should say that the CA root certificate is not trusted; this is normal with a self-signed certificate.)<\/p>\n

Now, open the Excel file you want to code sign with your self-signed certificate. (You\u2019ll need to add the Developer tab to your Excel spreadsheet if it\u2019s not already showing.) After clicking on File> more> options, select \u201cCustomize Ribbon\u201d from the left. Next, select \u201cMain Tabs\u201d on the right, check the \u201cDeveloper\u201d checkbox and click the \u201cOK\u201d button.<\/p>\n

On the Developer tab in the Code group, select Visual Basic. In Visual Basic on the Tools menu, click Digital Signature. When the Digital Signature dialog appears, select a certificate and click OK. Save the Visual Basic and close the Visual Basic interface. Now resave your Excel file.<\/p>\n

It’s also important to review the macro security settings<\/a> on your computer. On the Developer tab (again in the Code group), click Macro Security. In the Macro Settings category, choose the option you want. Once you have all Excel files you use signed with your self-signed certificate, you can change the settings to \u201cDisable VBA Macros except digitally signed macros.\u201d<\/p>\n

Now it\u2019s time to review the spreadsheets that include macros. If you\u2019ve downloaded any online and do not know where they came from, stop. You\u2019ll want to check to ensure that they are not malicious by uploading the files to www.reverse.it<\/a> or www.virustotal.com<\/a> to see \u00a0what the file contains. Once you identify the Excel files with macros you want to use (but that you\u2019ve haven\u2019t personally developed), your next step is to ensure that each one of these Excel files do not have \u201cmark of the web\u201d on them.<\/p>\n

Don\u2019t open the files \u2014 simply right-click on the Excel spreadsheet and select properties. In the general tab, look for an indication that \u201cThis file came from another computer and might be blocked to help protect this computer.\u201d You should click on the box that says \u201cUnblock\u201d and click to apply. Now that the file has been scanned and unblocked, open it up, digitally sign it and resave. This will ensure that your Excel files are signed by you; should you open them up anytime in the future, you will know if they\u2019ve been tampered with.<\/p>\n

For a small business that saves and shares Excel files, I recommend that you set up a safe location on your network for trusted Excel spreadsheets. Go into Excel and click on file> options> trust center, then on trust center settings; here you can review the locations you deem \u201ctrusted.\u201d By default, Excel doesn\u2019t trust a network location. Even though Microsoft doesn\u2019t recommend adding a trusted location on the network, for business purposes I add a specific site or location and then review who has access to that location. Be clear on who needs access to macros and especially access to this trusted network location. Not everyone in your office needs this level of access. In fact, most of your users \u2013 even in a small business \u2013 likely don\u2019t. Plan accordingly.<\/p>\n

Deciding who and what has access to a trusted location could be the difference between getting attacked with ransomware \u2013 or not. Not everyone needs an Excel file with a macro. Not everyone needs trusted locations on your network. But attackers clearly would love it if we didn\u2019t make these decisions.<\/p>\n

Microsoft will eventually block macros in Excel documents downloaded from the internet. Take the time now to get ahead of that change; don\u2019t wait for Microsoft to roll it out again.<\/p>\n

http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

Credit to Author: Susan Bradley| Date: Mon, 11 Jul 2022 08:56:00 -0700<\/strong><\/p>\n

\n
\n

On July 8, Microsoft pulled back from its decision in February to block macros in Excel documents by default. Microsoft had said it would block Excel files that contained macros if they were downloaded from the internet. (Malicious actors use these lures as a way to launch attacks on networks; specifically, ransomware and other types of malicious activity can launched from a plain, old malicious spreadsheet.)<\/p>\n

Microsoft still plans to put this blocking in place, but only after \u201ca better experience.\u201d In the meantime, there are actions you can take now so you won\u2019t need to worry about the change in the future.<\/p>\n