Macro virus
In computing terminology, a macro virus is a virus that is written in a macro language: a programming language which is embedded inside a software application (e.g., word processors and spreadsheet applications). Some applications, such as Microsoft Office, Excel, PowerPoint allow macro programs to be embedded in documents such that the macros are run automatically when the document is opened, and this provides a distinct mechanism by which malicious computer instructions can spread. This is one reason it can be dangerous to open unexpected attachments in e-mails. Many antivirus programs can detect macro viruses; however, the macro virus' behavior can still be difficult to detect.
Fundamentals
A macro is a series of commands and actions that helps automating some tasks - usually a quite short and simple program. However they are created, they need to be executed by some system which interprets the stored commands. Some macro systems are self-contained programs, but others are built into complex applications (for example word processors) to allow users to repeat sequences of commands easily, or to allow developers to tailor the application to local needs.
Operation
A macro virus can be spread through e-mail attachments, removable media, networks and the Internet, and is notoriously difficult to detect.[1] A common way for a macro virus to infect a computer is by replacing normal macros with a virus. The macro virus replaces regular commands with the same name and runs when the command is selected. These malicious macros may start automatically when a document is opened or closed, without the user's knowledge.[2]
Once a file containing a macro virus is opened, the virus can infect the system. When triggered, it will begin to embed itself in other documents and templates. It may corrupt other parts of the system, depending on what resources a macro in this application can access. When the infected documents are shared with other users and systems, the virus spreads. Macro viruses have been used as a method of installing software on a system without the user's consent, as they can be used to download and install software from the internet through the use of automated key-presses. However, this is uncommon as it is usually not fruitful for the virus coder since the installed software is usually noticed and uninstalled by the user.[3]
Since a macro virus depends on the application rather than the operating system, it can infect a computer running any operating system to which the targeted application has been ported. In particular, since Microsoft Word is available on Macintosh computers, word macro viruses can attack some Macs in addition to Windows platforms.[1]
An example of a macro virus is the Melissa virus which appeared in March 1999. When a user opens a Microsoft Word document containing the Melissa virus, their computer becomes infected. The virus then sends itself by email to the first 50 people in the person's address book. This made the virus replicate at a fast rate.[4]
Not all macro viruses are detected by antivirus software.[5] Caution when opening email attachments and other documents decreases the chance of becoming infected.
Due to the prevalence of macro viruses, starting with Microsoft Office 2007, Microsoft assigned a separate set of file extensions ending in "m" to Office files containing macros in order to prevent users from opening macro virus-infected files that were not intended to contain macros in the first place.[6]
On the 9th of February, Microsoft announced that Office files originating from the internet will have their macros blocked by default, starting from April 2022.[7]
See also
- Malware – software intended to break computers or steal private information
- Computer virus
- Computer worm
- Trojan horse (computing) – malware hidden inside anti-virus software or other apps
- Ransomware (malware)
- Spyware
- Technical support scam – unsolicited phone calls from a fake "tech support" person, claiming that the computer has a virus or other problems
References
- ↑ 1.0 1.1 "Frequently Asked Questions: Word Macro Viruses". Microsoft. http://support.microsoft.com/kb/187243/en.
- ↑ "Information Bulletin: Macro Virus Update". Computer Incident Advisory Capability. http://www.ciac.org/ciac/bulletins/i-023.shtml.
- ↑ Margaret Rouse (January 2018). "macro virus". https://searchsecurity.techtarget.com/definition/macro-virus.
- ↑ "How Computer Viruses Work". How Stuff Works inc. April 2000. http://www.howstuffworks.com/virus4.htm.
- ↑ Frankenfield, Jake. "Macro Virus". https://www.investopedia.com/terms/m/macro-virus.asp.
- ↑ Hoffman, Chris. "Macros Explained: Why Microsoft Office Files Can Be Dangerous". https://www.howtogeek.com/171993/macros-explained-why-microsoft-office-files-can-be-dangerous/.
- ↑ DHB-MSFT. "Macros from the internet are blocked by default in Office - Deploy Office" (in en-us). https://docs.microsoft.com/en-us/deployoffice/security/internet-macros-blocked.
Further reading
- Microsoft Corporation. (2006). Introduction to Security. Retrieved June 18, 2006
- The Trustees of Indiana University. (2006). What are computer Viruses, Worms, and Trojan Horses? Retrieved June 18, 2006
- Macro Viruses from Security News & Information
Original source: https://en.wikipedia.org/wiki/Macro virus.
Read more |