Microsoft Office Macro Policy Reversal: A Legacy Of Incompetent Security Management
Over the weekend, Ars Technica's Dan Goodin reported on the reversal of the current Microsoft Corporation (NASDAQ: MSFT) Office untrusted macro run policy. Apparently, the company will no longer block untrusted macro execution within Microsoft Office documents (via the utilization of various means - read Defender, et cetera).
During a brief conversation yesterday, a fellow security professional with knowledge of the matter speculated to me: "Maybe they are going into the ransomware business"...
Clear evidence of the astonishing pervasive incompetence (aka The Microsoft Way) in all of it's unabashed glory, now, firmly ensconced at the corporate behemoth's sprawling Redmond, Washington based digs.
Update 2022/07/11 12:43 - Meanwhile, Richi Jennings regales us with a superb piece at Security Boulevard in which, the dissection of this latest debacle commences (plus other acerbic wit and wisdom from commenters)...