CyberSecurity news
FlagThis
@www.bleepingcomputer.com
//
Microsoft is set to block ActiveX controls by default in the Windows versions of Microsoft 365 Apps and Office 2024. This move, announced in April 2025, aims to enhance security by addressing vulnerabilities associated with the legacy software framework. ActiveX controls, introduced in 1996, enabled developers to create interactive objects embedded in Office documents. However, over time, these controls have become a significant point of entry for cybercriminals, similar to macros in Excel, with examples such as the propagation of the TrickBot malware through ActiveX.
Microsoft's decision to disable ActiveX controls by default is part of a broader effort to bolster the security of its products. Since 2018, the company has implemented various measures to block attack vectors exploiting Office applications. These include blocking VBA macros, disabling Excel 4.0 (XLM) macros by default, blocking untrusted XLL add-ins, and phasing out VBScript. The default setting previously was to prompt users before enabling ActiveX, which required users to understand the risks before granting permissions.
When the change is deployed, users will receive a notification stating "BLOCKED CONTENT: The ActiveX content in this file is blocked" if a document contains an ActiveX control. This measure is intended to reduce the risk of malware or unauthorized code execution. Users can re-enable ActiveX controls through the Trust Center, provided administrators have granted them access to the ActiveX settings page. This change is more secure as it blocks the controls entirely.
ImgSrc: www.bleepstatic
References :
Microsoft's decision to disable ActiveX controls by default is part of a broader effort to bolster the security of its products. Since 2018, the company has implemented various measures to block attack vectors exploiting Office applications. These include blocking VBA macros, disabling Excel 4.0 (XLM) macros by default, blocking untrusted XLL add-ins, and phasing out VBScript. The default setting previously was to prompt users before enabling ActiveX, which required users to understand the risks before granting permissions.
When the change is deployed, users will receive a notification stating "BLOCKED CONTENT: The ActiveX content in this file is blocked" if a document contains an ActiveX control. This measure is intended to reduce the risk of malware or unauthorized code execution. Users can re-enable ActiveX controls through the Trust Center, provided administrators have granted them access to the ActiveX settings page. This change is more secure as it blocks the controls entirely.
ImgSrc: www.bleepstatic
Share:
References :
- The Register - Software: ActiveX blocked by default in Microsoft 365 because remote code execution is bad, OK?
- Will Dormann: Microsoft blocks ActiveX by default in Microsoft 365, Office 2024 About damn time!
- www.bleepingcomputer.com: Microsoft blocks ActiveX by default in Microsoft 365, Office 2024
- IT-Connect: Microsoft : les contrôles ActiveX bientôt bloqués par défaut dans Office et Microsoft 365 Apps
- www.it-connect.fr: Microsoft : les contrôles ActiveX bientôt bloqués par défaut dans Office et Microsoft 365 Apps
- BleepingComputer: Microsoft blocks ActiveX by default in Microsoft 365, Office 2024
- Cyber Security News: Microsoft Disables ActiveX by Default in 365 to Block Malware Execution by Hackers
Classification:
- HashTags: #Microsoft365 #ActiveX #Security
- Company: Microsoft
- Target: Microsoft 365 Users
- Attacker: Microsoft
- Product: Microsoft 365
- Feature: ActiveX Blocking
- Type: ProductUpdate
- Severity: Medium