"Due to the higher frequency we are seeing in word and excel macro based trojans, malware and viruses coming into our inboxes ..."

Anne Troy asked:
Is this true for you and/or your company?

I have not heard any such thing until our company added a policy, and now I must enable macros like 50 times a day...

UGH!!!

John, Business Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018
Commented:
No, not true for us.

You need to get top notch spam filtering software or service and keep the spam out of your inboxes. An external spam service is the best way to get rid of this stuff.
Steven Harris, President
Commented:
Although macros can be abused, I have not seen anything to suggest that this is a viable way to introduce trojans, viruses, etc. I agree with John on the external service, but also take into account that common sense is still the best option for any company, meaning having users delete emails with attachments they are not expecting among other practices.
Danny Child, IT Manager
Commented:
The days of a VB-based virus are far behind us, as the malicious code is very easy to spot, and hard to make polymorphic (i.e. self-changing).  If your perimeter defences are good (email scanning etc), I'd say macro protection at the desktop is unnecessary.

IMHO, turning off macros gives a false sense of security.  All the dubious attachments that come into us are HTML based, or EXE.

The only exception I would make is if you're in, say, an educational establishment, where the "insider threat" is much greater, and where students will like to get involved in pranking...
There is always a balancing act between security and convenience. Want secure logins? Create long passwords, which will be secure but inconvenient. And make every login have a unique password. Again, secure but inconvenient.

The same is true for macros. They can be used maliciously, and they can launch automatically. It is safer to disable that automatic launch capability. I do this by choice, because I prefer safety over convenience. I do that for the same reason I use long passwords.

@Steven, what you consider to be common sense is really "technical awareness" which everyone does not have. Basing a security system on "common sense" is as risky as "security by obscurity."
Danny Child, IT Manager

Commented:
I'd also add that allowing macros to be run on demand is not much of an effective defence - unless you have some effective screening of the macro code first.  And, if you did, why block the macros?
Steven Harris, President

Commented:
Thomas, good points; however, rest assured I was not suggesting to base their security on common sense or technical awareness alone.
Anne Troy, East Coast Manager

Author

Commented:
Thanks so much everyone!
John, Business Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
@Dreamboat - You are very welcome and I was happy to help.