Information
This policy setting will prevent Excel from running Excel 4.0 (XLM) macros. XLM macros were first added to Excel in 1992 and were disabled in Excel (Build 16.0.14427.10000) by Microsoft in 2021.
The recommended state for this setting is: Enabled
XLM is a data macro format from the early nineties that was not built with security in mind. Macros can be easily exploited and are a favorite hiding place for malicious code. While newer builds of Excel disable XLM macros by default, it is an important setting to audit for a secure state in all versions of Excel.
Solution
To establish the recommended state via configuration profiles, set the following Settings Catalog path to Enabled:
Microsoft Excel 2016\Excel Options\Security\Trust Center\Prevent Excel from running XLM macros
Impact:
This enforces the default behavior. Existing XLM macros will not function and should be migrated.