A new Excel Trust Center settings option to further restrict the usage of Excel 4.0 (XLM) macros is now generally available. Building on the recent release of AMSI integration for XLM macros, this setting enables Microsoft 365 customers to further protect themselves against the latest threats. Found in the Trust Center Macro Settings, this new checkbox setting, “Enable Excel 4.0 macros when VBA macros are enabled”, allows users to individually configure the behavior of XLM macros without impacting VBA macros.
We invite all users to configure this new setting by following the 'Configuration Details' below. For most users, we recommend unchecking the setting to disable XLM macros.
Configuration Details
The Excel Trust Center settings can be accessed through the following steps:
- File > Options > Trust Center > Trust Center Settings > Macro Settings
When the checkbox is selected, the above settings configured for VBA macros will also apply to XLM macros. To disable XLM macros without a notification, deselect the checkbox setting (recommended) – this configuration opts for a more secure behavior. There is no impact to any default or previous macro settings configurations with this release; however, users should be aware that a change in default XLM macro behavior is coming soon (see more details in ‘Availability’ below).
Customers can now independently disable XLM macros in the Trust Center Macro Settings by unchecking the setting "Enable Excel 4.0 macros when VBA macros are enabled."
Availability
This setting is currently available in Excel (build 2104).
Administrators can also use the existing Microsoft 365 applications policy control to configure this setting. Get the latest group policy template files .
The Group Policy setting “ Macro Notification Settings”, can be found in the following path:
- User configuration > Administrative templates > Microsoft Excel 2016 > Excel Options > Security > Trust Center.
Administrators also have the option to completely block all XLM macro usage (including in new user-created files) by enabling the Group Policy, “Prevent Excel from running XLM macros”, which is configurable via Group Policy Editor or registry key.
- Group Policy Path:
- User configuration > Administrative templates > Microsoft Excel 2016 > Excel Options > Security > Trust Center
- Registry Key Path:
- Computer\HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Office\16.0\excel\security
Note:
While the initial release of this setting does not impact any existing or default macro settings configurations, XLM macros will soon be disabled by default - users can expect this coming change in default behavior to occur in the following M365 updates:
- 2021 October Current Channel
- 2021 December Monthly Enterprise Channel
- 2022 January Semi-Annual Enterprise Channel (Preview)
- 2022 July Semi-Annual Enterprise Channel
To learn more:
Working with Excel 4.0 macros - Excel
Enable or disable macros in Office files - Office Support
Subscribe to our Excel Blog and join our Excel Community to stay connected with us and other Excel fans around the world.
Microsoft