Slow startup

E

Ed

Suzanne S. Barnhill said:
That's what we've been asking ever since NAV first incorporated the
Office Plug-in. Even Symantec doesn't know.
Click to expand...
--
Suzanne S. Barnhill
Microsoft MVP (Word)
Words into Type
Fairhope, Alabama USA
Click to expand...

Suppose I'm in Word and find a photo or something on the Web I'd like
to incorporate in my document. If the Office security plug-in
is not activated, am I not subject to a virus in that photo? Seems
like there's gotta be a reason for it, as the AV companies
have enough to do already.

Just curious.

Ed

Ed
 
T

Terry Farrell

Ed

There's as much chance of the photo infecting you with a virus when you view
it in Internet Explorer (or whatever) as it is when you copy it into Word.
If you download the picture, then the AV will scan it anyway. As Suzanne has
stated, we have repeatedly asked Norton (Symantec) to explain what the
plug-in does in Office and they couldn't : they just didn't know.

Millions of us are happily working without an Office AV plug-in: just don't
worry about it.

Terry
 
B

Bob Buckland ?:-\)

Hi Suzanne,

The 'hooks' are part of the MS Anti-Virus API. It's pupose is mentioned briefly in the 'Virus' section of the Office 2003 Security
White Paper at
http://office.microsoft.com/download/afile.aspx?AssetID=AM102424861033

There's a lot of tech details on MSDN, such as
http://msdn2.microsoft.com/en-us/library/ms537371(VS.85).aspx

=======

That's what we've been asking ever since NAV first incorporated the Office
Plug-in. Even Symantec doesn't know.

--
Suzanne S. Barnhill
Microsoft MVP (Word) >>

--

Bob Buckland ?:)
MS Office System Products MVP

*Courtesy is not expensive and can pay big dividends*
 
S

Suzanne S. Barnhill

Aside from the fact that the author of
http://office.microsoft.com/download/afile.aspx?AssetID=AM102424861033
doesn't know how to spell "supersede" (and either wasn't using or ignored
Word's spell check), the white paper seems to be pretty much saying that a
decent AV app can do the necessary without an Office plug-in, but it may
impact performance. If the plug-ins didn't affect usability and performance
even more negatively, this might be relevant.
 
B

Bob Buckland ?:-\)

Hi Suzanne,

Well, you asked about information on what the 'hooks' were for, so spelling is a key bit of information <g>. You mean you didn't
like the alternate suggestion from Spell check of
super ceded ? ;)

The plug-in covers/covered one possible hole in the apps, and that was a timing issue between when a request went to Windows and an
antivirus check was run there and then when the 'safe' file was passed to an Office app.

At the time it was first introduced, MS wasn't 'in' the antivirus/security business, but now, with OneCare, they are, and over time
the 3rd party security products have gotten better as well, so the risk is likely smaller these days, but it's said that this can
also only make those on a path to 'break it' more determined than when it was 'easier' :) As the white paper points out the API is
improved in Office 2003 and it has been improved again for Office 2007 as well as for Windows and Internet Explorer versions.

Is there a greater risk without the plug-ins? Yes. Is it a big risk? Not until the first time someone exploits it on a wide
scale, or it happens to 'you' <g> [and of course that would only happen when on deadline].

=============
Aside from the fact that the author of
http://office.microsoft.com/download/afile.aspx?AssetID=AM102424861033
doesn't know how to spell "supersede" (and either wasn't using or ignored
Word's spell check), the white paper seems to be pretty much saying that a decent AV app can do the necessary without an Office
plug-in, but it may
impact performance. If the plug-ins didn't affect usability and performance
even more negatively, this might be relevant.

--
Suzanne S. Barnhill >>
--

Bob Buckland ?:)
MS Office System Products MVP

*Courtesy is not expensive and can pay big dividends*
 
T

Terry Farrell

Hi Bob

So by implication, AVs that don't have this 'feature' (like NOD32) are
inferior to those that do?

Terry
 
B

Bob Buckland ?:-\)

Hi Terry,


As different AVIs use their own methods and techniques to watch and sweep, whether the do it through an add-in reflects a design
approach decision for a particular product probably more than effectiveness of the method chosen and the particular environment.

I'm guessing that calling the API, loading, releasing, etc takes time :) and some of the products that used or looked at using the
hooks that are available through MS Office, IE and others may from time to time hear 'next version' when they ask for improvements
with their MS interactions in that arena :)

==============
Hi Bob

So by implication, AVs that don't have this 'feature' (like NOD32) are
inferior to those that do?

Terry >>
--

Bob Buckland ?:)
MS Office System Products MVP

*Courtesy is not expensive and can pay big dividends*
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

"running virus scan" slowing down Word 3
Word is slow opening files 2
AVG Resident Shield - should I use it 8
AVG scanning (or not) of Office files 5
Need help! Cpu usage at 100% after startup 8
Very Slow PC 23
O.T. - Temporary firewall problem at boot up: 43
Logon problem 3

Top