Macro virus (computing)
From Wikipedia, the free encyclopedia
In computing terminology, a macro virus is a virus that is written in a macro language: that is to say, a language built into a software application such as a word processor. Since some applications (notably, but not exclusively, the parts of Microsoft Office) allow macro programs to be embedded in documents, so that the programs may be run automatically when the document is opened, this provides a distinct mechanism by which viruses can be spread. This is why it may be dangerous to open unexpected attachments in e-mails. Modern antivirus software detects macro viruses as well as other types.
Contents |
[edit] Fundamentals
A macro is a series of commands and actions that help to automate some tasks - effectively a program, but usually quite short and simple. However they are created, they need to be executed by some system which interprets the stored commands. Some macro systems are self-contained programs, but others are built into complex applications (for example word processors) to allow users to repeat sequences of commands easily, or to allow developers to tailor the application to local needs. The step which has made some applications susceptible to macro viruses was to allow macros to be stored in the very documents which are being edited or processed by the application. This makes it possible for a document to carry a macro, not obvious to the user, which will be executed automatically on opening the document.
[edit] Operation
A macro virus can be spread through email attachments, discs, networks, modems, and the internet.[1] Uninfected documents contain normal macros. Most macros start automatically when a document is opened or closed. A common way for a macro virus to infect a computer is by replacing normal macros with the virus. The macro virus replaces the regular commands with the same name and runs when the command is selected. In this case where the macro is run automatically, the macro is opened without the user knowing.[2]
Once the application opens a file that contains a macro virus, the virus can infect the system. When opened, it will begin to embed itself in other documents and templates, as well as future ones created. It may corrupt other parts of the system as well, depending on what resources a macro in this application can get access to. As the infected documents are shared with other users and systems, the virus will spread.
A well known example of a macro virus is the Melissa Virus from 1999. A document was created with the virus in it and anyone who opened it would ‘catch’ the virus. The virus would then send itself by email to the first 50 people in the person’s address book. This made the virus replicate at a fast rate.[3]
Since a macro virus depends on the application rather than the operating system, it can infect a computer running any operating system to which the targeted application has been ported. In particular, since Microsoft Word is available on Macintosh computers, word macro viruses can attack these as well as Windows platforms.[1]
[edit] Common macro viruses
[edit] References
- ^ a b Frequently Asked Questions: Word Macro Viruses. Microsoft. Retrieved on 2006-06-18.
- ^ Information Bulletin: Macro Virus Update. Computer Incident Advisory Capability. Retrieved on 2006-06-18.
- ^ How Computer Viruses Work. How Stuff Works inc. Retrieved on 2006-06-18.
[edit] Further reading
- Microsoft Corporation. (2006). Introduction to Security. Retrieved June 18, 2006, from the World Wide Web: http://office.microsoft.com/en-au/assistance/HA010450711033.aspx
- The Trustees of Indiana University. (2006). What are computer Viruses, Worms, and Trojan Horses. Retrieved June 18, 2006 from the World Wide Web: http://kb.iu.edu/data/aehm.html
- Macro Virus from Security News & Information http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=33338