An attacker embedded a macro within a word processing file opened by a user in...

To prevent macro-based attacks, the Cisco CyberOps study guide emphasizes the importance of limiting execution of unauthorized or unsigned macros. "Requiring that all macros be digitally signed and limiting execution only to those that meet the required trust level is a key mitigation strategy against malicious macros." Additionally, enabling features like Controlled Folder Access helps in protecting sensitive directories from unauthorized changes by untrusted applications, including those launched via malicious macros .

These two measures—enforcing signed macro policies and leveraging controlled folder access—directly help in mitigating the risk posed by embedded malicious macros in documents.