MS Office will power .net worm

Developments in Microsoft Office System 2003, due to be launched next month, could lead to the creation of the first .net-based...

Developments in Microsoft Office System 2003, due to be launched next month, could lead to the creation of the first .net-based worm, it emerged this week.

Word macro viruses have plagued users of Microsoft Office since the Melissa worm first appeared in April 1999, costing businesses millions of pounds in repair work and downtime.

But the release of Office System 2003 will provide a far more powerful mechanism for embedding potentially malicious code in Word, Excel and Powerpoint, based on Microsoft's .net technology.

Ivo Salme, product manager for Visual Studio at Microsoft, said, "Understandably, people will try to write a .net-based macro worm."

Microsoft has improved security in Office using what Salme described as a policy engine. This allows IT departments to set security policies that determine whether users have the right to run .net code coming into the company as an Office e-mail attachment.

Jan Sundgrem, industry analyst at Forrester Research, warned that although blocking .net -based Office attachments may provide security against a .net worm, in practice it may not be feasible without disruption to the business because such e-mail attachments are extremely popular.

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close