WHAT'S HAPPENING?
OIT will begin blocking INBOUND macro-enabled Microsoft Office email attachments with .pptm (PowerPoint macro) and .docm (Word macro) file extensions.
WHEN IS IT HAPPENING?
Beginning at 6:00 AM on Thursday, September 8, 2016.
WHY IS IT HAPPENING?
The OIT Cyber Security team partnered with various teams around campus to address the risks of ransomware to the campus IT environment. By enabling the Cisco IronPort mailheads to start stripping .docm and .pptm attachments, a common attack vector for ransomware and other malware attacks will be blocked.
WHO IS AFFECTED?
Any users who are sent these attachment types to their gatech addresses from an outside email service will receive a message in the body of the original email informing them that the email attachment has been removed. Regular Word (.doc or .docx) and PowerPoint (.ppt or .pptx) email attachments should not be affected, outbound email attachments should not be affected, and GT Office 365 users should not be affected when the message is coming from another GT Office 365 sender.
WHAT DO YOU NEED TO DO?
An affected user who is expecting the attachment from an outside party should ask the sender to resend with a non-macro-enabled file. If macros are needed for proper functioning of the file, email users may still share macro-enabled files via the following means:
1. Compress the attachment as a .zip file and then email the file
2. Use Office365 OneDrive file sharing
WHO SHOULD YOU CONTACT FOR QUESTIONS?
Feel free to contact the TSO Help Desk (CCB 148, 404.894.7065, helpdesk@cc.gatech.edu). If you prefer, you may also contact the OIT Technology Support Center (404-894-7173, support@oit.gatech.edu).
Owner of Alert
OIT