-=> Quoting David Desrosiers to Julian Yap <=-
JY> Ever heard of the AUTOOPEN macro and various other auto-executable
JY> macros in Word? Simply reading a document CAN activate a virus in
JY> Word.
DD> Actually, you're wrong. READING a document cannot execute the
DD> macro. If you open the document in Word, and allow the macros to
DD> execute, they will run and (depending on the macro) infect your
DD> NORMAL.DOT file, and other files. If you READ it in anything other than
DD> Word, it will not infect you. Word itself is the infector, and it's
DD> just interpreting the macros and executing them.
Well, to people who aren't as experienced as you, they would think they were
just READING and nothing more. That is the point I am making.
DD> The simple way around this is to hold when opening a
DD> document in Word. This will disable AutoXxxx macros. You have to make
DD> sure you also aren't running AutoClose macros as well. I delete all
DD> macros from all documents that I get, after making copies of them to
DD> study.
You know and I know you do not necessarily need to have auto macros for
infection. Take WinWord.Colors macro virus for instance.
DD> We get around 4-500 infected documents per day where I work,
DD> and we are using F-Macro to scan them all. They come in via cc:Mail and
DD> other methods, so I would consider myself a little more of an authority
DD> on them than most (except Mikko and Vesselin ;). I've been writing some
DD> tools that have been very effective in eliminating them from Word
DD> itself. I'll be releasing them soon.
That's nice to know.
DD> Remember, Word is the environment, not Windows, Mac, etc. You
DD> have to RUN the macros in Word to infect. It's JUST like a regular
DD> virus. You have to actually EXECUTE something.
Yes, but does everyone know that when they supposedly just READ something
that they are also EXECUTING something?
Yes, that is a rhetorical question.
... What a stupid tagline.
--- EzyBlueWave V1.48g0 02fa0029
---------------
* Origin: Vietnam Veterans Bulletin Board Service (3:639/666)