How macros in Microsoft Office no longer pose a security risk

VBA macros (Visual Basic for Applications) in Microsoft Office are very popular among users - they simplify work for many and help, for example, to automatically evaluate Excel files or to create form letters. However, they also pose a considerable security risk. Emotet and Trickbot already used the VBA interfaces to load malicious code, and a harmless-looking file infected entire company networks. Microsoft also reacted to this in February 2022 and blocked VBA scripts by default for all users. This decision was welcomed by many security experts and also by the German Federal Office for Information Security (BSI). Less so, however, by users. They complained about the inconvenience, so Microsoft deactivated the security function again - without providing comprehensive information about it. However, the deactivation is only temporary and a user-friendly solution is being worked on. In the meantime, however, VBA macros remain a security risk for all Microsoft Office users.

Comprehensive protection with R&S®Browser in the Box

The fully virtualized R&S®Browser in the Box, developed together with the BSI, offers innovative and comprehensive protection - even against malware through macros. For the user, nothing changes in the workflows in the process. And this is how it works:
R&S®Browser in the Box establishes strong, proactive isolation throughout the network. At the same time, access to the Internet remains unrestricted for users and their familiar workflows. However, all applications and the operating system itself no longer have unrestricted access to the Internet or servers located there. This makes it impossible to reload malicious code from manipulated VBA macros in Office documents. Proactive isolation also protects against unknown telemetry data or data leakage from new types of malware, such as the recently headlined Hive Group.
The virtual R&S®Browser in the Box also protects against attacks that directly target security vulnerabilities in the browser. This is because it closes the "Internet" security gap by enabling a digital quarantine for attacks: malware is isolated before it even gets a chance to execute. Instead of detecting malicious code - as with antivirus programs - execution is prevented from the outset. All potentially dangerous activities are isolated in a closed virtual browser. The operating system and browser are completely separated from each other. Intrusive malware remains enclosed in the virtual environment and cannot spread on the computer and in the local network. Restarting the browser then always takes place in a virus-free state.