Macro virus (computing)

Macro virus (computing)

In computing terminology, a macro virus is a virus that is written in a macro language: that is to say, a language built into a software application such as a word processor. Since some applications (notably, but not exclusively, the parts of Microsoft Office) allow macro programs to be embedded in documents, so that the programs may be run automatically when the document is opened, this provides a distinct mechanism by which viruses can be spread. This is why it may be dangerous to open unexpected attachments in e-mails. Modern antivirus software detects macro viruses as well as other types.

Fundamentals

A macro is a series of commands and actions that help to automate some tasks - effectively a program, but usually quite short and simple. However they are created, they need to be executed by some system which interprets the stored commands. Some macro systems are self-contained programs, but others are built into complex applications (for example word processors) to allow users to repeat sequences of commands easily, or to allow developers to tailor the application to local needs. The step which has made some applications susceptible to macro viruses was to allow macros to be stored in the very documents which are being edited or processed by the application. This makes it possible for a document to carry a macro, not obvious to the user, which will be executed automatically on opening the document.

Operation

A macro virus can be spread through email attachments, discs, networks, modems, and the internet and is notoriously difficult to detect. Uninfected documents contain normal macros. Most macros start automatically when a document is opened or closed, however it can be set to activate when a certain time is reached or even when the system has been left idle for a period of time to avoid detection, however this is uncommon as it is a difficult method and can only be executed once. A common way for a macro virus to infect a computer is by replacing normal macros with the virus. The macro virus replaces the regular commands with the same name and runs when the command is selected. In this case where the macro is run automatically, the macro is opened without the user knowing.cite web|title=Information Bulletin: Macro Virus Update|publisher=Computer Incident Advisory Capability|accessdate=2006-06-18|url=http://www.ciac.org/ciac/bulletins/i-023.shtml]

Once the application opens a file that contains a macro virus, the virus can infect the system. When triggered, it will begin to embed itself in other documents and templates, as well as future ones created. It may corrupt other parts of the system as well, depending on what resources a macro in this application can get access to. As the infected documents are shared with other users and systems, the virus will spread. The macro virus has also been known to be used as a way of installing software on a system without the users consent as it can be used to look up software on the internet, go through with downloading and installing the software through the use of automated key-presses etc, however this is uncommon as it is usually un-fruitful for the virus coder as the installed software is usually noticed and uninstalled by the user. Also because the "time bomb" method is used (where the virus is set to go off at a certain time) this process can only be excecuted once and therefore is virtually harmless.

A well known example of a macro virus is the Melissa Virus from 1999. A document was created with the virus in it and anyone who opened it would ‘catch’ the virus. The virus would then send itself by email to the first 50 people in the person’s address book. This made the virus replicate at a fast rate. [cite url|title=How Computer Viruses Work|accessdate=2006-06-18|publisher=How Stuff Works inc|url=http://www.howstuffworks.com/virus2.htm]

Since a macro virus depends on the application rather than the operating system, it can infect a computer running any operating system to which the targeted application has been ported. In particular, since Microsoft Word is available on Macintosh computers, word macro viruses can attack these as well as Windows platforms.cite web|title=Frequently Asked Questions: Word Macro Viruses|url=http://support.microsoft.com/kb/187243/en|accessdate=2006-06-18|publisher=Microsoft]

The macro virus can be avoided by exercising caution when opening email attachments and other documents.

Common macro viruses

* Concept Virus
* Melissa worm

References

Further reading

* Microsoft Corporation. (2006). Introduction to Security. Retrieved June 18, 2006, from the World Wide Web: http://office.microsoft.com/en-au/assistance/HA010450711033.aspx
* The Trustees of Indiana University. (2006). What are computer Viruses, Worms, and Trojan Horses. Retrieved June 18, 2006 from the World Wide Web: http://kb.iu.edu/data/aehm.html
* Macro Virus from Security News & Information http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=33338


Wikimedia Foundation. 2010.

Игры ⚽ Поможем сделать НИР

Look at other dictionaries:

  • Macro virus — A macro virus can refer to one of two things: *A macro virus, in computing, is a computer virus that exploits programs associated documents (such as Microsoft Word Documents) to contain harmful embedded code. *A macro virus, in biology, is a… …   Wikipedia

  • Macro (computer science) — A macro (from the Greek μάκρο for long or far) in computer science is a rule or pattern that specifies how a certain input sequence (often a sequence of characters) should be mapped to an output sequence (also often a sequence of characters)… …   Wikipedia

  • Computer virus — Not to be confused with Malware. A computer virus is a computer program that can replicate itself[1] and spread from one computer to another. The term virus is also commonly but erroneously used to refer to other types of malware, including but… …   Wikipedia

  • Melissa (computer virus) — The Melissa virus, also known as Mailissa , Simpsons , Kwyjibo , or Kwejeebo , is a mass mailing macro virus. As it is not a standalone program, it is not a worm. Contents 1 History 2 David L. Smith 3 Virus specifications …   Wikipedia

  • Defensive computing — is a form of practice for computer users to help reduce the risk of computing problems, by avoiding dangerous computing practices. The primary goal of this method of computing is to be able to anticipate and prepare for potentially problematic… …   Wikipedia

  • Trojan horse (computing) — Beast, a Windows based backdoor Trojan horse A Trojan horse, or Trojan, is software that appears to perform a desirable function for the user prior to run or install, but (perhaps in addition to the expected function) steals information or harms… …   Wikipedia

  • Firewall (computing) — This article is about the network security device. For other uses, see Firewall. An illustration of where a firewall would be located in a network …   Wikipedia

  • Mobile virus — A mobile virus is an electronic virus that targets mobile phones or wireless enabled PDAs. As wireless phone and PDA networks become more numerous and more complex, it has become more difficult to secure them against electronic attacks in the… …   Wikipedia

  • DMV — Department of Motor Vehicles (Governmental » Police) Department of Motor Vehicles (Governmental » Transportation) * Download Music Videos (Internet » Chat) * Department of Transportation Division of Motor Vehicles (Community » Law) * Document… …   Abbreviations dictionary

  • Malware — Malware, short for malicious software, consists of programming (code, scripts, active content, and other software) designed to disrupt or deny operation, gather information that leads to loss of privacy or exploitation, gain unauthorized access… …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”