Macros are a powerful way to automate common tasks in Microsoft Office and can make people more productive. However, macro malware abuses this functionality to infect your devices. The Resec Systems red team created a piece of macro malware to understand how such malware exploits systems. As part of our red team research, we built a POC to demonstrate that macros, once enabled by the end user, can download an exe file from a remote server and execute it without the user knowing about it. This can eventually lead to the compromise of your computer systems.
In recent versions of Microsoft Office, macros are disabled by default, so malware authors need to convince users to turn macros on before their malware can run. They try to scare users by showing fake warnings when a malicious document is opened. To protect yourself from such malware attacks, it is recommended not to enable macros in Office documents if the sender is not a trusted entity.
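
A check that supports the recommendation above, as an added example that is not part of the original article or of the Resec Systems POC: a Python triage function that decides from a file's contents whether an Office document carries a VBA project, so it can be flagged before anyone is asked to enable macros. The function names, verdict strings and both sample documents are assumptions constructed for illustration.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy .doc/.xls/.ppt container
# Content types that mark an OOXML package or part as macro-bearing.
MACRO_TYPES = (
    b"application/vnd.ms-office.vbaProject",
    b"application/vnd.ms-word.document.macroEnabled.main+xml",
    b"application/vnd.ms-excel.sheet.macroEnabled.main+xml",
    b"application/vnd.ms-powerpoint.presentation.macroEnabled.main+xml",
)

def triage_office_file(data: bytes):
    """Return (verdict, evidence) judged from content, never the file extension."""
    if data.startswith(OLE_MAGIC):
        return "needs-inspection", ["legacy OLE file: macros cannot be ruled out here"]
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return "not-office", []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        names = zf.namelist()
        if "[Content_Types].xml" not in names:
            return "not-office", []
        evidence = [f"VBA project part: {n}" for n in names
                    if n.lower().endswith("vbaproject.bin")]
        types_xml = zf.read("[Content_Types].xml")
        evidence += [f"content type: {t.decode()}" for t in MACRO_TYPES if t in types_xml]
    return ("macros" if evidence else "no-macros"), evidence

def build_sample(parts: dict) -> bytes:
    """Build a constructed, in-memory OOXML-like package for the demo."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in parts.items():
            zf.writestr(name, body)
    return buf.getvalue()

# Constructed samples: placeholder parts only, no real document or macro code.
CLEAN_DOCX = build_sample({
    "[Content_Types].xml": "<Types><Override PartName='/word/document.xml' ContentType="
    "'application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml'/></Types>",
    "word/document.xml": "<w:document/>",
})
RENAMED_DOCM = build_sample({  # macro-enabled file that was given a .docx name
    "[Content_Types].xml": "<Types><Override PartName='/word/document.xml' ContentType="
    "'application/vnd.ms-word.document.macroEnabled.main+xml'/></Types>",
    "word/document.xml": "<w:document/>",
    "word/vbaProject.bin": b"placeholder",
})

if __name__ == "__main__":
    for label, blob in (("clean", CLEAN_DOCX), ("renamed", RENAMED_DOCM)):
        print(label, triage_office_file(blob))
```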