Security Information Week 8, 2000
Visual Basic for Applications (VBA) is Microsoft's programming language for extending the functionality of some of its programs, particularly the products in the Office suite. The language is very popular with virus writers, and a large share of existing macro viruses are written in VBA. Together with the fact that Microsoft's products are extremely widespread, this may be one of the major reasons why Microsoft's Office products are the applications most targeted by (macro) virus writers.
Recently, however, VBA has been gaining acceptance in non-Microsoft products, as other software vendors license the technology from Microsoft for use in their own applications. Depending on the implementation (e.g. limited functionality), these products may become a target for virus writers, and correspondingly a new challenge for the virus control companies.
The latest platform to be hit by macro viruses is Visio. Visio, recently acquired by Microsoft, has been able to use VBA since version 5: Visio 5.x uses VBA5 and Visio 6.x uses VBA6. Visio files usually have one of the filename extensions *.VSD, *.VSS, *.VST or *.VSW. Macros created for Visio are stored in a compressed and embedded state, and may therefore cause detection problems without the necessary research. Norman has updated its Norman Virus Control technology to support this new platform.
Norman would like to emphasize that the macro viruses currently known to infect the Visio platform are not in the wild and do not cause any problems.
If you are using a product that implements VBA, and its VBA functionality or setup lets you use any form of built-in virus protection, it cannot hurt to enable this feature. Even though this setting can be changed by any VBA macro, not necessarily a macro virus, it may catch that first threat to your organization.
Norman is keeping a close eye on this continuously evolving market and will support virus detection/removal for all these new platforms as soon as possible.
Per Olav Førland
