Office 2013 can now block macros to help prevent infection


In response to the growing trend of macro-based threats, a new feature in Office 2016 allows an enterprise administrator to block users from running macros in Office documents that originated from the Internet.

This feature was documented back in March: New feature in Office 2016 can block macros and help prevent infection, and the predominant customer request we received was for this feature to be added to Office 2013.

We are pleased to announce that, as of September 2016, this feature is now part of Office 2013 – and it works in the same way as it does in Office 2016.

Administrators can enable this feature for Word, Excel, and PowerPoint by configuring it under the respective application’s Group Policy Administrative Templates for Office 2013.

For more information on how this feature works, and some background information on how macros can be abused for malware, see our blog from March 2016.


Comments (8)

  1. Why not make this an option for all Office users?

  2. Rhys Samson says:

    Is there a hotfix or patch that has to be installed/present for this to work?

  3. Norbert Klein-Ildefeld says:

    Do I Need a certain patch Level of O2013 to Support this Feature. How else would my Installation recognize the new GPO Setting?

  4. Justine B says:

    Thank you for this. It will help! Can we expect some kind of sandboxing for documents containing macros in a future version of Word/Excel?

  5. Tecko says:

    Does it generate any useful event id if it block the vba macro ?

  6. Norbert Klein-Ildefeld says:

    To answer my own question: August Office patch makes Office2013 Aware of the new GPO
    https://support.microsoft.com/en-us/kb/3177451
    MS16-099: Security update for Microsoft Office: August 9, 2016

  7. Ian says:

    Please backport this to Microsoft Office 2010! I would be very grateful to Microsoft!

  8. Ian says:

    Please backport this to Microsoft Office 2010!

Skip to main content