Microsoft will start automatically disabling XLMs or Excel 4.0 macros in Microsoft 365 apps in November. According to the software company, the new default setting is safer for users.
Microsoft will disable the Enable XLM macros when VBA macros are enabled setting by default, thus disabling XLM macros in Microsoft 365, which was previously called Office 365. That will happen in late October in Insiders-slow update channels for Microsoft 365 and early November for “Current Channel.” For Microsoft 365 Monthly Enterprise Channel, the setting changes in mid-December. Microsoft reports this in its Microsoft 365 message center according to the non-Microsoft affiliated M365 Admin, which forwards the message.
Users and administrators could already disable the setting manually and in the future they will be able to re-enable the macros if they wish via the Excel Trust Center settings. Excel 4.0 appeared in 1992 and XLM was the default language for macros in that version. Excel 5.0 made the move to VBA or Visual Basic for Applications for macros.
Microsoft still supports XLM, but has long advised users to migrate to the more secure VBA, which provides integration for the Antimalware Scan Interface. Bleeping Computer points out that malicious attacks are carried out via XLM, as happened with TrickBot, Qbot, Dridex and Zloader, among others.