On the banality of attacks and on mindful engineering

I really don’t understand why things like :

https://blogs.technet.microsoft.com/mmpc/2016/03/22/new-feature-in-office-2016-can-block-macros-and-help-prevent-infection/ aren’t enabled by default.

In Enterprise, anyone who actually needs that (ouch) could easily change the behaviour via GPO if the default felt too restrictive.

It’s the same with more enterprise focused features like LAPS (https://technet.microsoft.com/en-us/mt227395.aspx)- why aren’t local admin passwords automatically managed by default when joining AD?

We know those are the same on many machines and are abused all the time…

One clap, two clap, three clap, forty?

By clapping more or less, you can signal to us which stories really stand out.