Known malicious macro attachments are detected by SEP's AntiVirus component as W97M.Downloader . There are millions of new distinct samples each week with different filenames and hash values, so protection is constantly being updated. Some resources:Ĭan Symantec Endpoint Protection Stop These Malicious Macros? Yes. xls files arrive by email, are opened by an unsuspecting end user, and here comes a download of Trojan.Cridex or another equally dangerous payload. This has become a very common combination attack: the malicious. The modern malicious spam campaign has been ongoing since at least December 2014. Just as USBs echo floppies as an infection vector, macro threats have come back again. Symantec Delivers Detection and Repair of Word Macro Viruses Technologies to battle them were developed and this attack vector was dead as disco for many years. The first macro virus was discovered in the summer of 1995, back in the days when many threats spread via floppy disk. Whenever their documents are opened, the activity carried out is malicious. Macro viruses are the unwanted variety written by someone with evil intent.
They have been around for decades and are usually quite helpful. Macros are little programs that carry out some action when a document or template is opened.
This article gets down to some practical particulars on how to take a Defense in Depth approach to combat the current flood of malicious macro spam.
This article was last updated in Septem ber 2019. For more information on how to keep your enterprise environment secure using often-overlooked capabilities of Symantec Endpoint Protection (and the OS upon which it functions), see Mick's Greatest Hits: Index of Helpful Connect Security Articles. This is the tenth in my Security Series of Connect articles.