Preventing Macro Viruses

Macro viruses are the number one type of malicious mobile code. Here are some recommendations to prevent them from attacking your environment.

Disable Macros in Documents

To prevent most macro viruses (not including multipartite types), don’t open any documents with macros enabled. It’s that simple. Case closed. However, this advice hasn’t worked for the last five years, especially where large corporate networks are concerned, and there is little reason to expect it should in the future. Plus, there are times when a legitimate macro needs to be executed (installing a new program that interfaces with Office). The following suggestions, in order of decreasing impact, will help lessen your chances of getting infected by a macro virus. All have their side-effect consequences that must be weighed against the benefit in your particular environment.


Disabling macros will sometimes cause Office applications to generate the following message, “The macros in this project are disabled,” over and over while working with the document that contains macros.

Upgrade All Versions of Office to the Latest Version

Rarely will you find me pushing anyone to spend money for an unnecessary upgrade. However, if you use Office, the early versions do not warn users of embedded macros and do little to prevent their spread. I recommend that if you are having a problem with macro viruses, upgrade to Microsoft’s latest version of Office. It contains strong security against macro viruses, ...

Get Malicious Mobile Code now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.