Thursday 30 April 2015

Microsoft Provides Alarm About Macro-Malware


To perform asking Internet users if they macros in Office documents so that their computer is infected with malware is a very successful method for cyber criminals, as the past few months more than half a million computers were infected in this way.

The malware is distributed via e-mails with subjects about bills, taxes, delivery confirmations, CVs and donation confirmations. Topics according to Microsoft, users can easily mislead to open the email and attachment without piggybacked hereby thinking. Once the macro is executed will download a file which then downloads a Trojan downloader. This downloader installs additional malware on the system. The software giant sets raises the question of how this form of social engineering can be combated.

In the case of enterprises, system administrators can take various measures. Most macro malware namely located in the .doc format used in Office 2007 and earlier. Administrators can set up via the Trust Center of Office that documents from earlier Office versions are not loaded. In addition, the operation of macros in Office can be configured , for example, to allow only digitally signed macros or block all macros.

No comments:

Post a Comment