Link to home
Start Free TrialLog in
Avatar of jana
janaFlag for United States of America

asked on

Beside running Anti-Virus and Anti-Spam, what else can we do assure the a PowerPoint file is Safe

Hi, we have various power-point files sent to us and wanted to know if there is no malicious code (maybe like VBA) within them.  We have run anti-virus and anti-spam and all ok.  Any other thing we can do to assure the PPT is safe?
Avatar of Ramin
Ramin

just have a real-time decent antivirus software running and updated is enough to keep your system safe.
I generally agree with the above.

The MOST important tool in your arsenal is Common Sense. Do not do silly things; do not go to dodgy websites; never open emails from strangers; and, oddly enough, beware your naive friends.
if you don't know where the file is from - dump them

instead of opening the files directly from your email, you can save the files to a temporary folder and scan them with your antivirus app

if everything checks out, you should be OK
Avatar of jana

ASKER

Prior placing the question, that is what we did: download and scanned them.  The results where ok, no infection.

However, since Word, Outlook, Excel one can create VBA code to execute almost anything, we wanted to know if the PPT files received has any VBA code?

Hope we are expressing what we want to do.
A top grade antivirus product should determine this without issue.
SOLUTION
Avatar of Echo_S
Echo_S
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of jana

ASKER

Thanx! That was we needed!
What if the Powerpoint has embedded links? You would need a good inbound email filter to unpack and scan recipient URL destinations or a good web filter / UTM system also.
Having chatted with Echo and for completeness in case any other user reads the above answer ID: 42043785, it is actually possible to craft a non-addin PowerPoint macro-enabled file (.pptm, .potm, .ppsm) that will automatically run embedded VBA code when the file opens, IF the user's security settings in PowerPoint permit it. I use this technique legitimately for some clients, for example when content needs to be updated automatically when the file is opened. But of course, it could be used maliciously too. That's why I recommend not running code that is not digitally signed. If it's good enough code to justify sending to users and expecting them to execute it, it's not really good enough to not sign it.
Avatar of jana

ASKER

Will open another related question for another part we want to understand.