US-CERT issues an advisory on the use of macros to distribute malware on Windows machines. Macros are pieces of code written in Visual Basic for Applications (VBA) that allows users to automate frequently used tasks in Word, PowerPoint, Excel and other Microsoft Office apps. The best way for organizations to mitigate the issue is to disable Microsoft Office macros enterprise-wide to the extent possible and to implement new controls for systems that do require macros. Microsoft blamed the enduring appeal for macro attacks on the continuing tendency by users to enable macros that have been disabled by default.”]
Source: https://www.darkreading.com/attacks-breaches/us-cert-warns-of-resurgence-in-macro-attacks