Until June 30, Microsoft had planned to disable Visual Basic for Applications (VBA) scripts in Office applications. VBA is the programming language built into all Office applications.
The change rolled out to beta testers in June. Whereupon Microsoft was apparently deluged with feedback from businesses whose many custom scripts suddenly stopped working.
Microsoft’s about-face was abrupt: on June 30, Microsoft announced that the change would not be rolled out to the general public in June as planned.
Previously, Office applications only popped up warnings about running potentially non-secure scripts, and allowed the user to run them anyway. That override was removed in the version that was being tested.
Incidentally, that earlier change was generally viewed as a good thing by security folks, because it’s well known that malicious scripts in Office documents are an effective vector for malware, phishing, and other nasty stuff.
But business and education users often use extensive custom VBS scripts to manage their work, and suddenly disabling all those scripts was going to be a huge problem for those people.
Once again, Microsoft seems to have completely forgotten that a lot of people use Office applications for their work; that those scripts are often poorly maintained; and that while it may make sense to force ordinary users to stop using VBA, the effect on business users would be much more dramatic.
Microsoft says that they are reveiwing the situation. How about giving these changes some thought before foisting them on us?
Update 2022Jul29: Microsoft is once again rolling out this change, with some tweaks to the wording of associated warnings, and a few critical tweaks that make it easier to work around for system administrators.