neowin[.]net/news/microsoft-to-block-vba-macros-to-protect-unsuspecting-users-from-sneaky-malware/
zdnet[.]com/article/microsoft-to-make-enabling-untrusted-office-macros-tougher-in-the-name-of-security/
docs.microsoft[.]com/en-us/DeployOffice/security/internet-macros-blocked
It's a bit complicated, but then this is Microsoft -- and because it's Microsoft, things may not always go as planned, e.g. you *may* sometimes have problems running VBA macros using Office that should not really be effected. The new plan only effects Office running in Windows, and Access, Excel, PowerPoint, Visio, and Word. Files saved to FAT32 storage [rather than NTFS] *may* get a pass. If you've already opened the file & enabled macros, it gets a pass. The software looks 1st to whether the file with the macro was downloaded from a trusted site, 2nd, if the macro is digitally signed and the matching Trusted Publisher certificate is installed on the device, 3rd, what policies are set in that copy of Windows regarding macros. But, Microsoft also says: "You can only use policies if you're using Microsoft 365 Apps for enterprise." If a macro is blocked, you cannot simply click a button to enable it like you can today...
After the change of default behavior to block macros in files from the internet, users will see a different banner the first time they open a file with macros from the internet. This SECURITY RISK banner doesn't have the option to Enable content. But users will be able to go to the Properties dialog for the file, and select Unblock, which will remove the Mark of the Web (MOTW) attribute from the file and allow the macros to run, as long as no policy or Trust Center setting is blocking.