Microsoft has announced that Office 365 applications now support Anti-Malware Scan Interface (AMSI), a solution that allows antivirus programs to block malicious macros which have been a significant threat to users of any of the programs in Microsoft Office suite.
Microsoft Office 365 packs the new Anti-Malware Scan Interface to allow antivirus programs scan macros and scripts
A macro is a series of rules or instructions that are grouped under the same command to complete a task automatically. For example, you can create a macro to change the formatting of a text document or to print all the documents in a folder automatically.
While they can be handy for automating actions and saving time, they can also be very dangerous, as cyber attackers can use macros to inject malicious codes and install malware on victims’ computers.
Now, Microsoft has finally decided to take action and to protect its customers. Accordingly, the Microsoft Office 365 client applications are now integrated with the new Anti-Malware Scan Interface (AMSI) which permits antivirus programs and other IT security solutions to scan macros and other scripts to detect and block malicious macros or other threats they find.
Latest Microsoft Office 365 updates already came out with the new Anti-Malware Scan Interface
From now on, when a macro invokes a high-risk function or method, Microsoft Office 365, via the Anti-Malware Scan Interface (AMSI), will stop its execution and request an analysis of the macro’s behavior. The antivirus software then performs the scan and points out whether it is indeed a malicious behavior or not.
If the antivirus indicates that the behavior is malicious, it will stop the macro from running, inform the user of the problem, and close the session to avoid further damage.
The Anti-Malware Scan Interface has already been integrated into the latest Microsoft Office 365 updates, but it will not work if the user has activated the “Enable all macros” security option.