Are there any Macro Viruses Nowadays?

[MIG]

I know that macro viruses were the most common threat back in 1996 or
so, but are there really any macro viruses nowadays?

I've been having a discussion about the macro security in Excel, which
is a complete pain when someone with their setting on High simply
doesn't know that anything was meant to happen.

My guess is that it's dealing with an out of date problem, like the
way that anti virus software offers to quarantine and repair worms
(why would you want to repair a worm?).

However, if there are any genuine macro threats, I'd be interested to
know.

Thanks.

 

[Jim Rech]

I haven't heard of a new Excel macro virus in many years. I think the
misanthropes have moved on to the internet.

A macro virus is a special kind of macro that may or may not do bad things
to you but, by definition, it tries to propagate itself. It's possible to
have a macro that does bad things, accidentally or deliberately, and doesn't
try to propagate itself.

I think most users want to be warned if an unknown workbook contains macros,
with the option to enable them. Some organizations however, out of an
abundance of caution, prevent this.

--
Jim
|I know that macro viruses were the most common threat back in 1996 or
| so, but are there really any macro viruses nowadays?
|
| I've been having a discussion about the macro security in Excel, which
| is a complete pain when someone with their setting on High simply
| doesn't know that anything was meant to happen.
|
| My guess is that it's dealing with an out of date problem, like the
| way that anti virus software offers to quarantine and repair worms
| (why would you want to repair a worm?).
|
| However, if there are any genuine macro threats, I'd be interested to
| know.
|
| Thanks.
|

 

[MIG]

Yeah, it's very annoying that the default setting seems to be to
disable macros without even telling you. I would have thought that
giving the option every time would be enough.

 

[Bruce Sinclair]

Yeah, it's very annoying that the default setting seems to be to
disable macros without even telling you. I would have thought that
giving the option every time would be enough.

... but how many people actually read the message before clicking OK ?

Remember ... there are a lot of very stupid people out there. That's how
most of the trojans still work ... by relying on the wet ware.

 

[Jim Rech]

I didn't remember what the default was so (for Excel 2003) I renamed the
registry key that holds my setting and started Excel. You're right the
default is High. I think MS has been burned so many times by less than
careful users and bad press that they default to this very conservative
setting. With enterprise installs every setting, including this one, can be
customized. I'd hope that most companies change it to Medium.

--
Jim
| Yeah, it's very annoying that the default setting seems to be to
| disable macros without even telling you. I would have thought that
| giving the option every time would be enough.
|
|
|
| > I haven't heard of a new Excel macro virus in many years. I think the
| > misanthropes have moved on to the internet.
| >
| > A macro virus is a special kind of macro that may or may not do bad
things
| > to you but, by definition, it tries to propagate itself. It's possible
to
| > have a macro that does bad things, accidentally or deliberately, and
doesn't
| > try to propagate itself.
| >
| > I think most users want to be warned if an unknown workbook contains
macros,
| > with the option to enable them. Some organizations however, out of an
| > abundance of caution, prevent this.
| >
| > --
| >
| > | > |I know that macro viruses were the most common threat back in 1996 or
| > | so, but are there really any macro viruses nowadays?
| > |
| > | I've been having a discussion about the macro security in Excel, which
| > | is a complete pain when someone with their setting on High simply
| > | doesn't know that anything was meant to happen.
| > |
| > | My guess is that it's dealing with an out of date problem, like the
| > | way that anti virus software offers to quarantine and repair worms
| > | (why would you want to repair a worm?).
| > |
| > | However, if there are any genuine macro threats, I'd be interested to
| > | know.
| > |
| > | Thanks.
| > |
|
|

 

[MIG]

.. but how many people actually read the message before clicking OK ?

Remember ... there are a lot of very stupid people out there. That's how
most of the trojans still work ... by relying on the wet ware.

True, but it goes back to my original question about whether macro
viruses are a current threat or a ten-years-out-of-date threat.

 

[Bruce Sinclair]

True, but it goes back to my original question about whether macro
viruses are a current threat or a ten-years-out-of-date threat.

Yep sure does ... and I don't know. I don't even know if the older macro
'viruses' will even affect the newer versions of the s/w ... anyone ?

I am reminded however of the 6 dumbest ideas in computer security ...
http://www.ranum.com/security/computer_security/editorials/dumb/index.html

(or it was there a while back) where numb


too.

i

 

[Bruce Sinclair]

Yep sure does ... and I don't know. I don't even know if the older macro
'viruses' will even affect the newer versions of the s/w ... anyone ?

I am reminded however of the 6 dumbest ideas in computer security ...
http://www.ranum.com/security/computer_security/editorials/dumb/index.html

(or it was there a while back) where numb

oops - sorry for the followup to own message, but it seems to have got
garbled (more than usual ).

To continue ...

... where number one was default permit (meaning allow anything). I'd much
rather see default deny (as it seems to be) but agree that it should tell
you that's what it's doing at the least. Might be hard to work out why a
sheet isn't working otherwise for example