[plug] Macro viruses target OpenOffice and StarOffice

Jacqueline McNally j-conversations at decisions-and-designs.com.au
Sat Jun 3 18:55:59 WST 2006 

Daniel Pearson wrote:
> http://www.crn.com.au/story.aspx?CIID=38449&eid=4&edate=20060601
> 
> "Macro viruses haven't been in the headlines since the late 1990s,
> but that changed earlier this week when Kaspersky Lab revealed its
> discovery of a proof of concept macro that targets the open source
> applications OpenOffice and StarOffice.
> 

From: http://www.openoffice.org/servlets/ReadMsg?list=announce&msgNo=287

There has been press comment recently about a "proof-of-concept macro
virus" affecting OpenOffice.org and reported in a blog at an anti-virus
company.[1]

Macros are a useful part of any office suite, allowing users to automate
repetitive tasks. These tasks include potentially destructive actions
such as modifying and deleting files, which is why macros are of
interest to virus writers.

The "proof-of-concept macro virus" showed that it is possible to write a
simple "virus-like" program using OpenOffice.org's macro language. This
is a known risk with any capable macro language. To mitigate against
this risk, by default OpenOffice.org detects if a document contains
macros, displays a warning, and will only run the macro if the user
specifically agrees. This behaviour conforms to industry best practice.

The OpenOffice.org engineers take the security of the software very
seriously, and will react promptly to any new issues. This "proof of
concept" virus is not new information, and does not require a software
patch. Technically, it is not even a virus, as it is not
"self-replicating" - with OpenOffice.org's default settings, it cannot
spread without user intervention.

However, the OpenOffice.org community repeats the consistent message
from security experts that users should never accept files from unknown
sources. For any security issue, please visit OpenOffice.org's Security
Team page [2] and send a note to security at openoffice.org.

[1] http://www.viruslist.com/en/weblog?weblogid=187738337
[2] http://www.openoffice.org/security/

- The OpenOffice.org Team

---///---

You can subscribe to the [ooo-announce] list and browse the archives.
See: http://www.openoffice.org/mail_list.html#general. The
[ooo-announce] list is displayed below the information about the [users]
list.

Announcements and notices are often posted to the OOo home page, so I
would check there too.

Regards
Jacqueline McNally
OOoCon2006 in Lyon (http://marketing.openoffice.org/conference/)

Are you a computer angel? (www.computerangels.org.au)

More information about the plug mailing list