(We’ve simplified enormously, but you get the idea, and anyone who has ever worked in a product management department or in product marketing will probably sympathise with Microsoft’s position. Redmond suggested that full-power-Office-with-non-default-VBA would quickly become known in the market as a low-end-document-suite-with-no-macro-support-at-all, and thus the company would effectively be undermining its own product to give more aggressive competitors an unfair advantage. Microsoft’s annoying, but understandable, argument was that endpoint software products generally get judged, by users and reviewers alike, based on what they do “out ot the box”. Part of the problem was that that the vast majority of users, who didn’t really need VBA at all, were forced to have it installed and enabled by default.Įven those who didn’t want it and knew they didn’t want it couldn’t choose to skip the VBA part at installation time, or reliably turn it off afterwards.įor years, the cybersecurity industry urged Microsoft to change the Office defaults to allow installs where VBA functionality could be turned off (at the least), omitted entirely if desired (better still), or not installed by default at all (best of all). Why Word “macro malware” is back, and what you can do about it… Given that people typically exchanged Office documents many times a day (hundreds or thousands of times more frequently than they ever exchanged programs, or EXE files), macro viruses quickly became an ever-present, ever-troublesome problem. Suddenly, anyone and everyone could be a virus writer. The word has even been wrangled backwards into the acronym Beginners’ All-purpose Symbolic Instruction Code, to remind you that it’s easy to learn because it was designed to be easy to learn. This made it easy for companies to adapt the behaviour of their Office apps to match their own workflow, which was enormously handy if you needed or wanted such a feature, for example to limit documents labelled ‘confidential’ from being printed out by mistake.Įven more dramatically, some special event-based macros, such as Auto_Open, were automatically triggered even if all you did was look at the document.Īs a result, a malware writer who wanted to booby-trap a document file, getting it to run an embedded virus every single time the document was viewed, didn’t have to learn any special hacking or low-level coding skills at all.Īs you probably know, the family of languages known as BASIC are meant to live up to their name. Simply put, if an Office document contained an embedded macro with a name that matched one of the Office menu options, then that macro would be triggered automatically whenever the user clicked on that menu item. In fact, macro viruses were already a problem even before the Office apps merged into a suite of tools with a common macro coding language known as VBA, short for Visual Basic for Applications.īefore 1997, for example, Microsoft Word had its own scripting languge called WordBasic – similar to VBA, but not compatible with it – that was widely abused by malware writers for programming self-speading computer viruses.īut VBA was more powerful, more standardised, and once Office appeared, the malware writers took to it like… well, like a duck to water. If you’ve been in cybersecurity since the last millennium, you will certainly remember, and may still have occasional nightmares about, Microsoft Office macro viruses.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |