Safeguarding Against Macro Viruses




Although the overriding purpose of macros is to streamline common tasks and procedures performed in Word and other applications, the unfortunate fact is that macros can also serve as a breeding ground for computer viruses. A macro virus is a type of computer virus that originates within a file, a template, or an add-in. As a Word user contemplating security issues, you need to be aware of macro viruses and how you can configure Word to assist you in recognizing when a macro might present a risk.

Note 

Microsoft devotes a number of areas on its Web site to security issues. For example, if you want to find out more about security, visit http://www.microsoft.com/technet/security and http://www.microsoft.com/security. You can also visit the Office site, at http://www.microsoft.com/office, and search for security using the Search This Site text box.

Preventing Viruses in Word Documents

One strategy you can use to combat macro viruses when working in Word is to attach digital signatures to macros to identify their origin. Then, if you trust the origin of the digital signature, you're safe to enable the macro. Keep in mind that digital signatures enable you to identify and run macros from trusted sources; they do not locate and eliminate viruses.

In addition to using digital certificates, which can provide assurance regarding the person from whom a file or macro originated (as discussed in "Using Digital Certificates to Digitally Sign Files and Macros"), you can specify how you want Word to react when it encounters documents that contain macros. To do this, you set Word security levels, as described next.

Tip 

For the best protection against viruses, you should purchase and install third-party antivirus software to work in conjunction with Word's security settings.

Setting Word Security Levels

When Word encounters a document, it determines whether the document contains macros. If the document doesn't contain any macros, Word opens it without any warnings. If the document contains macros, Word opens it based on the current security settings. In Word, you can choose one of the following three levels of security:

  • High: This setting allows only signed and trusted macros to run. When you use this setting, you can run only macros that have been digitally signed and are listed as from a trusted source. Unsigned macros are disabled automatically before the file is opened.

  • Medium: This setting generates prompts asking whether you want to enable or disable macros on a file-by-file basis. Whenever a file containing macros is encountered that's signed by a source not listed as a trusted source, Word allows you to choose whether you want to enable or disable the macros when you open the file.

  • Low: This setting turns off all macro security warnings and trusts all macros. In other words, all files, including files that contain macros, will always open without a warning when you configure Word with the Low security level. You should consider using this setting only if you have installed the latest version of a virus scanner, if the most current virus signature files for your virus program are installed, and if you're absolutely sure that the documents you're opening can be trusted.

By default, Word's security is set to High, the recommended setting. To display Word's security options, choose Tools, Options, click the Security tab, and then click Macro Security. In the Security dialog box, click the Security Level tab, as shown in Figure 28-16. You can specify any security level, but you should consider retaining Word's High security level setting unless a particular need arises that requires you to lower your security settings.

Figure 28-16: The Security Level tab in the Security dialog box enables you to specify how Word should react when you open a document that contains macros.

Viewing and Removing Trusted Sources

When you open a file that includes signed macros (and the signer isn't included on your trusted publishers list, as described in this section), you'll be asked whether you want to trust all macros from the signer. If you click Yes, the signer will be added to your list of trusted publishers. Before you add a signer, you should carefully review the publisher's certificate. You should especially review the certificate's Issued To, Issued By, and Valid From fields. After you add a signer to your trusted publishers list, Word will automatically enable macros signed by the publisher in the future. If you've upgraded to Word 2003 from an earlier version of Word, the Security dialog box includes the Prior Trusted Sources tab, which lists sources you've trusted in earlier versions of Word. As you add new trusted sources, they'll be added to the Trusted Publishers list.

If you later decide that you'd like to remove a signer from your trusted publishers list, you can do so at any time, as follows:

  1. Choose Tools, Options, and click the Security tab.

  2. Click Macro Security to open the Security dialog box.

  3. Click the Trusted Publishers tab or the Prior Trusted Sources tab, as shown in Figure 28-17.

    Figure 28-17: If you've added any sources to your trusted publishers list, they'll appear on the Trusted Publishers tab or the Prior Trusted Sources tab in the Security dialog box.

  4. Select the publisher you want to remove, click Remove, and then click OK.

Microsoft digitally signs all templates, add-ins, and macros shipped with Office. After you add Microsoft to your list of trusted publishers for one of these installed files, subsequent interactions with these files will no longer generate messages.

Tip 

Add your Selfcert.exe certificate to your trusted publishers list. Office applications will allow you to add the owner of an unauthenticated certificate (such as a Selfcert.exe certificate) to the list of trusted publishers only when the certificate is used on the same computer on which it was initially created. This means that you can create a certificate using Selfcert.exe and sign your own personal macros, and you can trust that certificate on your computer. But if you attempt to share your file with other users, they won't be able to run your macros if their security is set to High.
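
The rules from "Setting Word Security Levels", "Viewing and Removing Trusted Sources", and the Selfcert.exe tip can be combined into one decision table. The following Python sketch is an added example, not code from the book or from Word. It is a simplified model of the behavior described on this page, and the names Doc, macro_decision, silent_runs, and the sample publishers are hypothetical.

```python
# Simplified model of the rules described above; not Word's own logic.
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Doc:
    has_macros: bool
    signer: Optional[str] = None   # None means the macros are unsigned
    self_signed: bool = False      # e.g. a Selfcert.exe certificate
    created_here: bool = False     # self-signed cert was made on this PC

RUN, OFF = "macros run, no warning", "macros disabled"

def macro_decision(doc, level, trusted_publishers):
    """Outcome for one document at security level High, Medium or Low."""
    if level not in ("High", "Medium", "Low"):
        raise ValueError(f"unknown security level: {level!r}")
    if not doc.has_macros:
        return "open, no warning"
    if level == "Low" or doc.signer in trusted_publishers:
        return RUN
    if level == "Medium":
        return "prompt: enable or disable macros"
    # High: unsigned macros, and self-signed certificates from another
    # computer (which cannot be added to the trusted list), never run.
    if doc.signer is None or (doc.self_signed and not doc.created_here):
        return OFF
    return "prompt: trust this publisher?"

# Constructed sample documents and publisher names (not real files).
SAMPLES = {
    "plain letter": Doc(has_macros=False),
    "unsigned macro": Doc(has_macros=True),
    "vendor, trusted": Doc(True, signer="Contoso Ltd"),
    "vendor, not yet trusted": Doc(True, signer="Fabrikam Inc"),
    "colleague's Selfcert macro": Doc(True, "colleague", self_signed=True),
    "my own Selfcert macro": Doc(True, "me", self_signed=True, created_here=True),
}
TRUSTED = {"Contoso Ltd"}

def silent_runs(level, trusted=TRUSTED):
    """Sample documents whose macros execute with no user decision."""
    return sorted(n for n, d in SAMPLES.items()
                  if macro_decision(d, level, trusted) == RUN)

if __name__ == "__main__":
    for level in ("High", "Medium", "Low"):
        for name, doc in SAMPLES.items():
            print(f"{level:<7}{name:<28}{macro_decision(doc, level, TRUSTED)}")
```

Running it prints the outcome for every sample document at each level; silent_runs("Low") lists every macro-bearing sample, which is why Low is appropriate only under the conditions given above.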






Microsoft Office Word 2003 Inside Out
Microsoft Office Word 2003 Inside Out (Bpg-Inside Out)
ISBN: 0735615152
EAN: 2147483647
Year: 2005
Pages: 373
