Making Excel Less Of An XXL Risk By Blocking Free Roaming XLL Files

Source: Bleeping Computer Making Excel Less Of An XXL Risk By Blocking Free Roaming XLL Files

First They Came For Your VBA Files, Then Your XLSM …

If you aren’t familiar with them Microsoft Excel XLL files are DLLs which contain executable files and are treated by Excel as add-ins.  These can be incredibly handy for frequent users of Excel but they can cause nightmares if they are installed from questionable sources; random internet sites not an official corporate network.   

This is just the latest in Microsoft’s campaign to reduce the attack surface of Excel.  As mentioned in the title, first VBA macros were prevented from running if they were not from an approved source.  Then next came XLSM, the Excel workbooks which contained the macros themselves being blocked by default to prevent users from downloading them from unscrupulous people who embed nasty macros containing malware in them.

Finally Microsoft have done the same with XLL files, blocking them by default for it is not that hard to hide a malware executable in the those files, along with useful functions.  They will still run if coming from a trusted network location, but not from emails nor from a random downloaded file.

As Bleeping Computer was told, attacks using XLL files increased “near-sixfold” in the past couple of years and it is not easy to find malware embedded in them with standard AV programs.

"Microsoft is working on adding XLL add-in protection for Microsoft 365 customers by including automated blocking of all such files downloaded from the Internet.

Video News

About The Author

Jeremy Hellstrom

Call it,, or PC Perspective, Jeremy has been hanging out and then working with the gang here for years. Apart from the front page you might find him on the BOINC Forums or possibly the Fraggin' Frogs if he has the time.

Leave a reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest Podcasts

Archive & Timeline

Previous 12 months
Explore: All The Years!