
Microsoft Disables Excel Workbook Links to Blocked File Types

Microsoft Enhances Excel Security by Blocking Links to Risky Files

Have you recently noticed that certain hyperlinks within your Excel spreadsheets are no longer working? If so, you’re not alone. Microsoft has implemented a significant security update for Microsoft 365 that changes how Excel handles links to specific types of files, and it’s a change designed to keep your data and systems safe.

This update directly targets a common tactic used by cybercriminals. By disabling links to potentially dangerous file types, Microsoft is closing a loophole that could be exploited to deliver malware. This article breaks down why this change was made, what it means for you, and how you can safely adjust your workflow if needed.

A Proactive Defense Against Modern Threats

In the ongoing battle against cyberattacks, threat actors are constantly devising new ways to trick users into running malicious software. One popular method involves embedding harmful links within seemingly innocent documents, like Excel workbooks. A user might receive a spreadsheet that appears to be a legitimate report or inventory list, but it contains a hidden link that, when clicked, downloads and executes a malicious payload.

To combat this, Microsoft has hardened Excel’s security posture. This update is a direct response to emerging threats where attackers embed malicious links in documents to bypass traditional security checks. By blocking these links by default, Microsoft is making it significantly harder for these social engineering attacks to succeed.

Which File Types Are Blocked?

The update specifically focuses on file extensions that can be used to install software or mount virtual drives, making them high-risk vectors for malware. When a user now clicks on a link to one of these blocked file types, Excel will display an error message instead of opening or downloading the file.

The list of blocked file types includes, but is not limited to:

  • Virtual Hard Disk files (.vhd, .vhdx)
  • Microsoft Software Installer files (.msi)
  • And other file types that are already blocked as attachments in Outlook.

This change aligns Excel’s security protocols with other Microsoft 365 applications, creating a more consistent and secure user experience across the entire suite.

While this security enhancement is a major step forward, it can disrupt legitimate workflows. For example, an IT department might use a shared Excel sheet to link to approved .msi software installers stored on a secure network drive. With this update, those links will now fail.

Fortunately, Microsoft has provided a secure method to re-enable access for trusted files. To restore functionality for legitimate files, you must add the file’s storage location (e.g., a specific server or network folder) to Excel’s Trusted Locations list.

Here is how you can do it:

  1. In Excel, go to File > Options.
  2. Select Trust Center from the left-hand menu, then click the Trust Center Settings button.
  3. In the Trust Center window, select Trusted Locations.
  4. Click Add new location…
  5. Browse to the specific folder or network share where your trusted files are stored.
  6. It is highly recommended to check the box for “Subfolders of this location are also trusted” if applicable.
  7. Click OK to save the new trusted location.

Security Tip: Be extremely selective about what you add as a Trusted Location. Only add specific folders or network shares that you know are secure and well-managed. Avoid adding broad locations like your entire C: drive, as this could inadvertently re-open security holes.
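Keeping the Trusted Locations list narrow is easier when you know which workbooks actually link to blocked file types and where those targets live. The Python below is an added example, not code from Microsoft or from this article: it reads the relationship (`.rels`) parts inside an .xlsx/.xlsm package and reports external link targets ending in the extensions named above. The function names and the sample link targets are constructed for illustration.

```python
import io
import posixpath
import zipfile
import xml.etree.ElementTree as ET  # prefer defusedxml for untrusted workbooks
from urllib.parse import unquote

# Only the extensions the article names; the full blocked list is longer.
BLOCKED = {".vhd", ".vhdx", ".msi"}
REL_NS = "http://schemas.openxmlformats.org/package/2006/relationships"


def find_blocked_links(workbook, blocked=BLOCKED):
    """Return (rels_part, target) pairs for external links to blocked types."""
    hits = []
    with zipfile.ZipFile(workbook) as zf:
        for part in (n for n in zf.namelist() if n.endswith(".rels")):
            root = ET.fromstring(zf.read(part))
            for rel in root.iter(f"{{{REL_NS}}}Relationship"):
                if rel.get("TargetMode") != "External":
                    continue  # internal package part, not a link
                target = rel.get("Target", "")
                # Strip #fragment and ?query, decode %20, normalise slashes.
                path = unquote(target.split("#")[0].split("?")[0])
                ext = posixpath.splitext(path.replace("\\", "/"))[1].lower()
                if ext in blocked:
                    hits.append((part, target))
    return hits


def build_sample():
    """Constructed sample: just the .rels part of a workbook, in memory."""
    kind = "http://schemas.openxmlformats.org/officeDocument/2006/relationships/hyperlink"
    targets = [
        "file:///\\\\fileserver\\approved\\agent%20setup.MSI",
        "https://intranet.example/report.xlsx",
        "https://downloads.example/tool.msi?v=2",
        "file:///D:/images/base.vhdx",
    ]
    rels = "".join(
        f'<Relationship Id="rId{i}" Type="{kind}" Target="{t}" TargetMode="External"/>'
        for i, t in enumerate(targets, 1))
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("xl/worksheets/_rels/sheet1.xml.rels",
                    f'<Relationships xmlns="{REL_NS}">{rels}</Relationships>')
    return buf

if __name__ == "__main__":
    print(*find_blocked_links(build_sample()), sep="\n")
```

`find_blocked_links` also accepts a file path, so it can be run over a share of real workbooks; the reported targets show exactly which folders would need to be trusted.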

Broader Security Best Practices

This Excel update is a powerful reminder of the importance of a multi-layered security approach. While Microsoft is taking steps to protect users at the application level, individuals and organizations must remain vigilant.

  • Educate Users: Ensure everyone understands the danger of clicking unsolicited links, even if they appear to be in internal documents.
  • Verify Sources: If you receive a document with links, especially unexpected ones, verify its authenticity with the sender through a separate communication channel.
  • Maintain Security Software: Always keep your antivirus and anti-malware software up to date to catch threats that might slip through other defenses.

By understanding why Microsoft made this change and knowing how to properly use features like Trusted Locations, you can maintain a high level of productivity without compromising on security. Ultimately, this update makes the entire Microsoft 365 ecosystem safer, and a little workflow adjustment is a small price to pay for significantly enhanced protection.

Source: https://www.bleepingcomputer.com/news/microsoft/microsoft-to-disable-external-workbook-links-to-blocked-file-types/
