Dell Admin
asked on
OLE macro-enabled files are marked as viruses ?
We use Spamtitan email filtering appliance connecting to Exchange servers.
Since OLE macro enabled attachments were recently marked as viruses, it has been so confusing regarding how we deal with the attached files sent via emailing. We use Microsoft Word document a lot and usually macros are used. Now according to the new rule, macros are equal to viruses. All emails with macro-enabled attached files got rejected but our virus-protection app (AVG) doesn't think they are viruses. Here are my questions:
1. What can we do if macros are needed in our documents and we need to send the document files with macro via emailing?
2. Why are macros equal to viruses? Isn't it right not all macros are viruses? Only macros infected with viruses are what we need to concern, right?
We don't want to disable that feature as we believe there must be a reason for it. What do you suggest? Thanks.
Since OLE macro enabled attachments were recently marked as viruses, it has been so confusing regarding how we deal with the attached files sent via emailing. We use Microsoft Word document a lot and usually macros are used. Now according to the new rule, macros are equal to viruses. All emails with macro-enabled attached files got rejected but our virus-protection app (AVG) doesn't think they are viruses. Here are my questions:
1. What can we do if macros are needed in our documents and we need to send the document files with macro via emailing?
2. Why are macros equal to viruses? Isn't it right not all macros are viruses? Only macros infected with viruses are what we need to concern, right?
We don't want to disable that feature as we believe there must be a reason for it. What do you suggest? Thanks.
Are you able to add the source of the macro enabled files to a Trusted Source list?
Well, it depends on your companies security strategy..
Normally don't send such Office documents. Send the data instead and let the user import it and run the macro of a template he got over a secure line (fs). If it is really required, then use signed macros.
Normally don't send such Office documents. Send the data instead and let the user import it and run the macro of a template he got over a secure line (fs). If it is really required, then use signed macros.
IMO ste5an is correct. When it comes to incoming email, any Office file containing a macro should be considered guilty until proven innocent. If Microsoft gives Office files with macros the hairy eyeball when opening them, then you should too. It starts with just a nose through the door, and then pretty soon the rest of the camel is inside the tent and you're outside looking in.
This is particularly problematic when somebody spoofs an email from the CEO or management. Few people would dare to call the CEO and say "Did you send me this document with an executable macro in it?"
https://www.howtogeek.com/171993/macros-explained-why-microsoft-office-files-can-be-dangerous/
This is particularly problematic when somebody spoofs an email from the CEO or management. Few people would dare to call the CEO and say "Did you send me this document with an executable macro in it?"
https://www.howtogeek.com/171993/macros-explained-why-microsoft-office-files-can-be-dangerous/
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
just compress the file(s) in to a ZIP file. if the ZIP file still can be detected with built-in macro code, compress the file using a password.
because macro is considered some kind of executable code, therefore it is technically possible to bring malicious code into a Word document and distribute it via emails.