The Microsoft Malware Protection Center (MMPC) has recently seen an increasing number of threats using macros to spread their malicious code. This technique uses spam emails and social engineering to infect a system.
To avoid further infection from these malware types, keep this in mind:
- A file which contains a receipt or billing statement, most of the time does not need to have any macros in it.
- Be cautious of unsigned macros and macros from an untrusted source. Macro malware are usually unsigned.
- Some macro malware leave the document intentionally empty, relying on the user to think that they need to enable the macro so that they can see something. Beware of such tricks.
Read more here – http://blogs.technet.com/b/mmpc/archive/2015/01/02/before-you-enable-those-macros.aspx