Ronald Albaitis tried opening a file and got a warning that it contained "macros." Ronald Albaitis tried opening a file and got a warning that it contained “macros.” He asked me what they are and whether he should be concerned.A macro is a small, usually user-created piece of programming that runs inside another, larger program. Several applications come with macro-writing and -running capabilities.For instance, several Microsoft Office programs use a macro language called Visual Basic for Applications (VBA). I’ve used it to create a considerable number of macros in Word. One of them, which runs when I press CTRL-w, waits for me to press a character key, then deletes all of the text between the insertion point and the next instant of that character.Once you pick up a few skills, you may find macros quite useful, and I’m saying that as someone who never really got the hand of VBA programming. I create most of my macros with Word’s Macro Recorder, which follows my actions, then automatically writes the macro. I then go into the code editor and fiddle with it a bit. Macros can be assigned to a particular template or document.And there, as you can guess, sits the danger. Macros are yet another place where criminals can hide malicious code. Someone sends you a .doc file, you open it, and it infects your PC. If you use Office 2007 or 2010, you’ve got some reasonable protection. Open a document (or other Office file) containing macros, and a security warning will pop up. The macros will be disabled, and you have to click a button to enable them. (You can change this setting, but I don’t recommend it.)Should you enable a document’s macros? Only if you know the person who sent you the file, know that there’s a legitimate reason for those macros, and have a reason to use them. And even then, you want to be sure that the file really came from that person and not from someone who hijacked their email account.Contributing Editor Lincoln Spector writes about technology and cinema. Email your tech questions to him at answer@pcworld.com, or post them to a community of helpful folks on the PCW Answer Line forum. Follow Lincoln on Twitter, or subscribe to the Answer Line newsletter, e-mailed weekly. Related content feature Top cybersecurity M&A deals for 2023 Fears of recession, rising interest rates, mass tech layoffs, and conservative spending trends are likely to make dealmakers cautious, but an ever-increasing need to defend against bigger and faster attacks will likely keep M&A activity steady in By CSO Staff Sep 22, 2023 24 mins Mergers and Acquisitions Mergers and Acquisitions Mergers and Acquisitions brandpost Unmasking ransomware threat clusters: Why it matters to defenders Similar patterns of behavior among ransomware treat groups can help security teams better understand and prepare for attacks By Joan Goodchild Sep 21, 2023 3 mins Cybercrime news analysis China’s offensive cyber operations support “soft power” agenda in Africa Researchers track Chinese cyber espionage intrusions targeting African industrial sectors. By Michael Hill Sep 21, 2023 5 mins Advanced Persistent Threats Cyberattacks Critical Infrastructure brandpost Proactive OT security requires visibility + prevention You cannot protect your operation by simply watching and waiting. It is essential to have a defense-in-depth approach. By Austen Byers Sep 21, 2023 4 mins Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe