Feedback by UserVoice

How can we improve compliance or protect your users better in Office 365?

Block Office Files with Macro's

We are getting numerous malware attacks with zero hour Office files containing malicious Macro's, these are often blocked within 60-90 minutes but some are still being received by users. The signature is changing regularly so they aren't picked up by your scanners despite the original virus being around 12 months old.

We do educate the users not to open them and Macro's are disabled, but blocking the content at the gateway would be better.

Some of this functionality was available in Forefront for Exchange.

81 votes
Vote
Sign in
(thinking…)
Sign in with: facebook google
Signed in as (Sign out)
You have left! (?) (thinking…)
Jeff Belt shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

4 comments

Sign in
(thinking…)
Sign in with: facebook google
Signed in as (Sign out)
Submitting...
  • Erik Solem commented  ·   ·  Flag as inappropriate

    Essentially all office files and PDF that contain custom code should be detected in EOP and then allow rule-based handling. I want to be able to block all office files and PDFs with custom code that is received from external senders.

  • Anonymous commented  ·   ·  Flag as inappropriate

    It would be good if we could add a transport rule to Exchange Online that blocks email attachments that contain macros (similar to the rule that blocks executable content)

  • Scott Turner commented  ·   ·  Flag as inappropriate

    Blocking these files via GPO is not sufficient - that requires all machines be subscribed to the domain policy, and frankly, while that is optimal, it's not realistic.

Feedback and Knowledge Base