View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
October 11, 1999

Anti-Virus Firms Challenge Microsoft Over Office Macros

By CBR Staff Writer

By Kevin Murphy

Microsoft Corp is to be challenged over its record on desktop security for the second time in as many weeks, when anti-virus software companies issuing a set of demands to Redmond aimed at reducing the damage done by Office macro-viruses. In an open letter to be published by Virus Bulletin magazine, and signed by Microsoft’s own product manager Larry Tseng, members of the Virus Bulletin Conference 1999 technical panel will make four recommendations on how Microsoft can help the companies fight viruses.

Over 50% of viruses currently on the ‘Wild List’ of viruses currently spreading across the globe are based on the macro function of Microsoft Office applications. As these programs are simple to write (in Visual Basic) and can be run through applications such as Word 97, which are almost ubiquitous on the desktop PC, anti-virus companies such as Sophos Plc and Symantec Corp think Microsoft should be doing more to prevent them.

Paul Ducklin, head of research at Sophos, told ComputerWire the letter will ask that the Office install wizard gives the option to disable the macro function. He said the majority of people do not use macros and if it were turned off, macro viruses would just not work. The letter will also say that macro functions should be stored in separate files to documents themselves, rather than interwoven with, say, Word text. This could stop the spread of infection by allowing users to choose whether or not to email macro data along with a document.

On a similar theme, the panel will recommend that Microsoft should be more open with details of its file formats. It takes them too long to respond to requests for information, said Ducklin, so we have to reverse-engineer the software to be able to understand it. The problem, he concedes, is not malice on Microsoft’s behalf, but the simple size of the software giant slowing down the development of the documentation the anti-virus firms need.

Despite this, Microsoft seems to be developing a reputation for a lack of security on its desktop products (as well as its web-based and server-side problems). Last week, European commissioner Erkki Liikanen voiced the opinions of the cryptography industry when he called for Microsoft to open up the source code to Windows, to allow public key infrastructure software developers more information on the security of the platform they are obliged to work on.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.