Word macro viruses (was: Netscape trying to "view" Word documents)
Prentiss Riddle
riddle at is.rice.edu
Thu Apr 18 10:03:39 EDT 1996
On Wed, 17 Apr 1996, Tim Tripp wrote:
> We're setting up an Intranet, running off of a 486 running Linux and NCSA
> HTTPd.
Be aware that viruses have been discovered for Microsoft Word 6.0 and
above, based on the macro features implemented in recent versions of
Word. Some of the Word macro viruses found so far are malicious and
can delete files from your local disk.
Microsoft has made Word macro virus detection software available, but
reports vary on whether it is possible to configure Netscape to run the
virus checker without fail before viewing a Word document. It may
therefore be unwise to configure your web clients to automatically view
Word documents from untrusted sources.
If you are building a system which is strictly an "intranet" and your
users won't be able to view documents from elsewhere on the web, then
you may feel that you are safe. Another option would be to use a
non-standard file extension and MIME type so that your users' web
browsers won't know what to do with ordinary Word docs but will know
how to view Word docs distributed within your organization. (The
latter solution still might not protect you from an intentional
malicious attack if an outsider could determine the file extension and
MIME type you use.)
For more information on Word macro viruses, see:
http://ciac.llnl.gov/ciac/bulletins/g-10a.shtml
http://www.microsoft.com/msoffice/freestuf/msword/download/mvtool/mvtool2.htm
-- Prentiss Riddle ("aprendiz de todo, maestro de nada") riddle at rice.edu
-- RiceInfo Administrator, Rice University / http://is.rice.edu/~riddle
-- Home office: 2002-A Guadalupe St. #285, Austin, TX 78705 / 512-323-0708
More information about the Web4lib
mailing list