[RcouF1uZ4gsC]

Good is slowly becoming Microsoft. Just when we finally have a handle on worms spread through Word and Excel Macros, now we will have Google Doc Macros.It will be interesting to see what kind of security vs usability we will see. Also, with these Google macros, will an abusive macro that spams, get you locked out of your Google account and unable to access your documents?

[smackmybishop]

Google Apps Script has been around since 2009...

[candiodari]

... and has had security incidents

http://www.behind-the-enemy-lines.com/2012/04/google-attack-...

[charleslmunger]

I don't see any mention of Apps Script in that blog post.

[kyrra]

TLDR: someone linked to all the images of an S3 bucket from google sheets, and Google proxies loading the images through Google (smart security process). The worst thing here may be that google ignored the Cache-Control returned by S3.

Where is the actual security incident?

[dragonwriter]

While you can do what look a lot like (and are called) document macros with this, it's more like a JS PaaS with libraries for Google services than it is like classic MS Office facilities.

[senectus1]

making some of the same mistakes that MS made != becoming MS.

But yes I hope they're being careful with this.

[duxup]

MS's issues with macros was my first thought as well.

I'd really like to hear about their plans security wise with this.