Jump to content
Main menu
Main menu
move to sidebar
hide
Navigation
Main page
Recent changes
Random page
Help about MediaWiki
Special pages
Niidae Wiki
Search
Search
Appearance
Create account
Log in
Personal tools
Create account
Log in
Pages for logged out editors
learn more
Contributions
Talk
Editing
Macro virus
(section)
Page
Discussion
English
Read
Edit
View history
Tools
Tools
move to sidebar
hide
Actions
Read
Edit
View history
General
What links here
Related changes
Page information
Appearance
move to sidebar
hide
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
== Operation == A macro virus can be spread through [[e-mail attachment]]s, [[removable media]], [[computer network|networks]] and the [[Internet]], and is notoriously difficult to detect.<ref name='msfaq'/> A common way for a macro virus to infect a computer is by replacing normal macros with a virus. The macro virus replaces regular commands with the same name and runs when the command is selected. These malicious macros may start automatically when a document is opened or closed, without the user's knowledge.<ref name=ciac>{{cite web|title=Information Bulletin: Macro Virus Update|publisher=Computer Incident Advisory Capability|access-date=2006-06-18|url=http://www.ciac.org/ciac/bulletins/i-023.shtml|archive-url=https://web.archive.org/web/20060612205443/http://ciac.org/ciac/bulletins/i-023.shtml|archive-date=2006-06-12|url-status=usurped}}</ref> Once a file containing a macro virus is opened, the virus can infect the system. When triggered, it will begin to embed itself in other documents and templates. It may corrupt other parts of the system, depending on what resources a macro in this application can access. When the infected documents are shared with other users and systems, the virus spreads. Macro viruses have been used as a method of installing software on a system without the user's consent, as they can be used to download and install software from the internet through the use of automated key-presses. However, this is uncommon as it is usually not fruitful for the virus coder since the installed software is usually noticed and uninstalled by the user.<ref name="Margaret Rouse">{{cite web | url=https://searchsecurity.techtarget.com/definition/macro-virus | title=macro virus | date=January 2018 | access-date=7 January 2019 | author= Margaret Rouse}}</ref> Since a macro virus depends on the application rather than the [[operating system]], it can infect a computer running any operating system to which the targeted application has been ported. In particular, since Microsoft Word is available on [[Macintosh]] computers, word macro viruses can attack some Macs in addition to Windows platforms.<ref name=msfaq>{{cite web|title=Frequently Asked Questions: Word Macro Viruses|url=http://support.microsoft.com/kb/187243/en|access-date=2006-06-18|publisher=Microsoft|archive-url=https://web.archive.org/web/20110604162558/http://support.microsoft.com/kb/187243/en|archive-date=2011-06-04}}</ref> An example of a macro virus is the [[Melissa (computer virus)|Melissa virus]] which appeared in March 1999. When a user opens a Microsoft Word document containing the Melissa virus, their computer becomes infected. The virus then sends itself by email to the first 50 people in the person's address book. This made the virus replicate at a fast rate.<ref>{{cite web|title=How Computer Viruses Work|date=April 2000 |access-date=2006-06-18|publisher=How Stuff Works inc|url=http://www.howstuffworks.com/virus4.htm}}</ref> Not all macro viruses are detected by [[antivirus software]].<ref>{{cite web |last1=Frankenfield |first1=Jake |title=Macro Virus |url=https://www.investopedia.com/terms/m/macro-virus.asp |website=Investopedia |access-date=12 January 2022}}</ref> Caution when opening email attachments and other documents decreases the chance of becoming infected. Due to the prevalence of macro viruses, starting with [[Microsoft Office 2007]], Microsoft assigned a separate set of [[file extension]]s ending in "m" to Office files containing macros in order to prevent users from opening macro virus-infected files that were not intended to contain macros in the first place.<ref>{{cite web |last1=Hoffman |first1=Chris |title=Macros Explained: Why Microsoft Office Files Can Be Dangerous |url=https://www.howtogeek.com/171993/macros-explained-why-microsoft-office-files-can-be-dangerous/ |website=How-To Geek |date=11 September 2013 |access-date=2 March 2021}}</ref> Current versions of [[Microsoft Office]] block macros by default in files originating from the internet, a change that first appeared in April 2022.<ref>{{Cite web|last=DHB-MSFT|title=Macros from the internet are blocked by default in Office - Deploy Office|url=https://docs.microsoft.com/en-us/deployoffice/security/internet-macros-blocked|access-date=2022-02-15|website=docs.microsoft.com|language=en-us}}</ref>
Summary:
Please note that all contributions to Niidae Wiki may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
Encyclopedia:Copyrights
for details).
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
Search
Search
Editing
Macro virus
(section)
Add topic
