Microsoft has revealed plans to end the malicious use of Excel XLL add-ins, which have been used by some to deliver malware. XLL add-ins are files that can be used to add custom functions to Excel spreadsheets. Unfortunately, these add-ins have been abused by cybercriminals to spread malware.
Microsoft recently announced plans to address this issue and prevent malware delivery via XLL add-ins. Microsoft stated that existing XLL add-ins are still enabled in Excel, but new XLL add-ins will be disabled. This will help to cut down on malicious XLL add-ins.
Microsoft also said that they are planning to add a warning message when an XLL add-in is opened. This will alert users to the potential risks and make them aware that this type of file may contain malicious code.
Microsoft is also introducing a new security feature called "XLL Restriction," which will block Excel from loading XLL add-ins from untrusted sources. The company said that this will help protect users from being tricked into loading malicious XLL add-ins.
Microsoft is hoping to help protect users from being tricked into loading malicious XLL add-ins. End users should be sure to only install XLL add-ins from trusted sources, and be sure to check the warning message when an XLL add-in is opened. By implementing these changes, Microsoft is aiming to significantly reduce the malicious use of XLL add-ins.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Mon, 23 Jan 2023 18:57:29 +0000