New ‘qkG Ransomware’ Found Using Same Self-Spreading Technique that allows macro-based self-replicating malware to spread. Microsoft refused to consider this issue a security loophole when contacted by the researcher in October this year, saying it’s a feature intended to work this way only. With “Trust access to the VBA project object model” setting enabled, MS Office trusts all macros and automatically runs any code without showing security warning or requiring user’s permission. This setting can be enabled/disabled just by editing a Windows registry, eventually enabling the macros to write more macros.
Source: https://thehackernews.com/2017/11/ms-office-macro-malware.html