Microsoft warns again for Office macros that infect PCs with malware

Asking internet users whether they want to execute macros in Office documents is a successful method for cybercriminals. Once the user executes the macro, the computer is infected with malware. According to Microsoft the last couple of months more than 500,000 PCs have been infected this way.macroblog4

The malware is distributed through emails usually with subjects about financial transactions. Subjects that according to Microsoft easily trick users to open emails and their attachments. As soon as the macro is executed it downloads a file that in its turn downloads a Trojan downloader. The downloader installs additional malware on the system. The software giant therefore also wonders how it can protect users from this social engineering variant.

ADVERTISEMENT

In case of companies, system and network administrators can take several security measures. Most macro malware is contained in the .doc format used in Office 2007 and older versions. Administrators can disallow documents of older Office versions through the Office Trust Center. Also the settings on how macros in Office behave can be configured, e.g. to only allow digitally signed macros or blocking all macros.

No posts to display