[2631] in WWW Security List Archive


Re: ActiveX security hole reported.

daemon@ATHENA.MIT.EDU (Stephen Cobb)
Thu Aug 15 18:23:38 1996

Date: Thu, 15 Aug 1996 16:17:03 -0400
To: Todd Merritt <tmerritt@u.arizona.edu>
From: Stephen Cobb <stephen@iu.net>
Cc: www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu

At 12:35 PM 8/15/96 -0700, you wrote:
>> comes from the disinfection process, not the payload. I have personally
>> spoken to IS managers who have several thousand machines infected with the
>> winword.concept virus and so far, a foolproof, automated disinfection
>> program does not exist, which means a lot of labor intensive cleanup work to
>> rid the company of the virus (given that spreading viruses, however
>> "harmless" to clients and business partners is currently considered
>> unacceptable corporate practice).
>> 
Todd Merritt wrote:
>Kinda off topic, but you can disable the autoload and autosave macros and
>effectively prevent infection from any type of macro "virus".
>
This is true, and people are doing this. But consider the big picture.
Powerful autoloading macros were the heart and soul of the Microsoft sales
pitch to corporate users. Some companies invested tens, if not hundreds, of
thousands of dollars worth of development time in macro-based document
processing automation. Microsoft's suggestion that people "simply" turn off
autoload is a bit like GMC saying "those cars will be fine, just don't put
them in gear."

Respectfully...Stephen

