Macro viruses are possible in any software that has macros, and you really need macro capability in things like word-processing and spreadsheet programs. The question will be how the virus macro is activated. When I first dealt with macro viruses back around 1990, the most dangerous ones were the ones that took advantage of autoexec macros (ones that executed automatically whenever the document or spreadsheet they were in was loaded). The next most dangerous were ones that attached their macro automatically to a key or function that the user wouldn't expect to invoke an unfamiliar macro. I believe, though, that StarOffice and OpenOffice can both be configured to disable autoexec macros and auto-assigning of macros to keys. That would pretty much neuter any macro virus in a document. A user would have to manually run it for it to take effect.

Of course, thinking about the behavior of all too many Windows users when confronted with malware in attachments, I don't think that last is all that comforting.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/newsbriefs/218/1021#1021