Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Macro virus
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
== Operation == A macro virus can be spread through [[e-mail attachment]]s, [[removable media]], [[computer network|networks]] and the [[Internet]], and is notoriously difficult to detect.<ref name='msfaq'/> A common way for a macro virus to infect a computer is by replacing normal macros with a virus. The macro virus replaces regular commands with the same name and runs when the command is selected. These malicious macros may start automatically when a document is opened or closed, without the user's knowledge.<ref name=ciac>{{cite web|title=Information Bulletin: Macro Virus Update|publisher=Computer Incident Advisory Capability|access-date=2006-06-18|url=http://www.ciac.org/ciac/bulletins/i-023.shtml|archive-url=https://web.archive.org/web/20060612205443/http://ciac.org/ciac/bulletins/i-023.shtml|archive-date=2006-06-12|url-status=usurped}}</ref> Once a file containing a macro virus is opened, the virus can infect the system. When triggered, it will begin to embed itself in other documents and templates. It may corrupt other parts of the system, depending on what resources a macro in this application can access. When the infected documents are shared with other users and systems, the virus spreads. Macro viruses have been used as a method of installing software on a system without the user's consent, as they can be used to download and install software from the internet through the use of automated key-presses. However, this is uncommon as it is usually not fruitful for the virus coder since the installed software is usually noticed and uninstalled by the user.<ref name="Margaret Rouse">{{cite web | url=https://searchsecurity.techtarget.com/definition/macro-virus | title=macro virus | date=January 2018 | access-date=7 January 2019 | author= Margaret Rouse}}</ref> Since a macro virus depends on the application rather than the [[operating system]], it can infect a computer running any operating system to which the targeted application has been ported. In particular, since Microsoft Word is available on [[Macintosh]] computers, word macro viruses can attack some Macs in addition to Windows platforms.<ref name=msfaq>{{cite web|title=Frequently Asked Questions: Word Macro Viruses|url=http://support.microsoft.com/kb/187243/en|access-date=2006-06-18|publisher=Microsoft|archive-url=https://web.archive.org/web/20110604162558/http://support.microsoft.com/kb/187243/en|archive-date=2011-06-04}}</ref> An example of a macro virus is the [[Melissa (computer virus)|Melissa virus]] which appeared in March 1999. When a user opens a Microsoft Word document containing the Melissa virus, their computer becomes infected. The virus then sends itself by email to the first 50 people in the person's address book. This made the virus replicate at a fast rate.<ref>{{cite web|title=How Computer Viruses Work|date=April 2000 |access-date=2006-06-18|publisher=How Stuff Works inc|url=http://www.howstuffworks.com/virus4.htm}}</ref> Not all macro viruses are detected by [[antivirus software]].<ref>{{cite web |last1=Frankenfield |first1=Jake |title=Macro Virus |url=https://www.investopedia.com/terms/m/macro-virus.asp |website=Investopedia |access-date=12 January 2022}}</ref> Caution when opening email attachments and other documents decreases the chance of becoming infected. Due to the prevalence of macro viruses, starting with [[Microsoft Office 2007]], Microsoft assigned a separate set of [[file extension]]s ending in "m" to Office files containing macros in order to prevent users from opening macro virus-infected files that were not intended to contain macros in the first place.<ref>{{cite web |last1=Hoffman |first1=Chris |title=Macros Explained: Why Microsoft Office Files Can Be Dangerous |url=https://www.howtogeek.com/171993/macros-explained-why-microsoft-office-files-can-be-dangerous/ |website=How-To Geek |date=11 September 2013 |access-date=2 March 2021}}</ref> Current versions of [[Microsoft Office]] block macros by default in files originating from the internet, a change that first appeared in April 2022.<ref>{{Cite web|last=DHB-MSFT|title=Macros from the internet are blocked by default in Office - Deploy Office|url=https://docs.microsoft.com/en-us/deployoffice/security/internet-macros-blocked|access-date=2022-02-15|website=docs.microsoft.com|language=en-us}}</ref>
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)