Macro viruses were at one time the most prevalent virus type. Although
mixed threat attacks and Web-based threats are now most common, macro
viruses continue to be among the most common types of file infectors,
especially in Microsoft™ Office documents and compressed files.
Macro viruses are not confined to one operating system—they
are application specific, so they can be spread between DOS, Windows,
Macintosh, and OS/2 systems. With the ability to travel by email, and
the increasing power of macro code, macro viruses remain a true threat.
To combat macro viruses, Trend Micro has developed MacroTrap, a heuristic
scanning method that performs a rules-based examination of macro code
within a document. Macro virus code is typically a part of the invisible
code (.dot, for example, in Microsoft Word) that travels with the document.
MacroTrap checks the code for signs of unknown macro viruses by seeking
out the instructions that perform virus-like activity—for
example, copying parts of the code to other document files (replication)
or executing harmful commands (destruction).
In addition to MacroTrap, IWSVA supports the automatic and global removal
of all macros as they cross the FTP and HTTP gateway (for example as an
immediate but short term solution to a sudden macro virus outbreak).
Applet and ActiveX Security
Copyright © 2014 Trend
Micro Incorporated. All rights reserved.