Click to Save up to $300/yr on calls
- Related Stories
-
Microsoft advises 'safe mode' for Word
May 23, 2006 -
Zero-day Word flaw used in attack
May 19, 2006 -
Happy birthday, Brain.A
January 19, 2006 -
Portable version of OpenOffice.org unveiled
January 6, 2006 -
Google throws bodies at OpenOffice
October 31, 2005 -
OpenOffice celebrates turning 2.0
October 20, 2005
The virus, dubbed Stardust, is capable of infecting OpenOffice and StarOffice, which is sold by Sun Microsystems, a Kaspersky Lab researcher wrote on the Russian company's Viruslist Web site on Tuesday.
"Stardust is a macro virus written for StarOffice, the first one I've seen," the researcher wrote. "Macro viruses usually infect MS Office applications."
The pest is written in Star Basic. It downloads an image file with adult content from the Internet and opens that file in a new document, according to Kaspersky's posting.
Macros are a useful part of any office suite, allowing users to automate repetitive tasks. "These tasks include potentially destructive actions, such as modifying and deleting files, which is why macros are of interest to virus writers," the OpenOffice team wrote in a response to the virus.
To mitigate against the macro virus risk, OpenOffice detects if a document contains macros, displays a warning and will only run the macro if the user chooses to do so, the OpenOffice team wrote.
So far, Stardust is a proof-of-concept virus, which means that it was created to demonstrate that an OpenOffice virus is possible. The virus has not been sent out in the wild and is not actually attacking people's systems.
The story is different for Microsoft Office applications: A yet-to-be-patched security hole in Word has been exploited in at least one recent cyberattack.
A new "macro virus" is like a blast from the past. Viruses have evolved significantly. Boot sector pests were around between 1986 to 1995, followed by macro viruses that exploited early Microsoft Windows operating systems, according to security company F-Secure. The advent of e-mail subsequently propelled e-mail viruses such as the "I Love You" and the Anna Kournikova virus.
See more CNET content tagged:
macro virus,
Stardust,
OpenOffice,
Kaspersky Lab,
StarOffice
picture and include it in a document. It would
be a virus if it: couldn't be readily stopped,
affected other documents, setup a spamming
service, or affected the system (files/security)
somehow. However, the proof-of-concept doesn't
seem to do that.
I think the security is already in place, no?
They still haven't demonstrated it modifying
another document, propagating itself,
downloading additional code from the net, or
doing any of the other things one associates
with a virus.
They were able to write a script that created a
new document with an image in (specified by
external URL). While it might make for some
silly pranks, they have yet to get it to do
something dangerous.
I suppose one could patch it from "prompt user
before running macros" to "never run macros", or
"don't accept hostnames in URLs for images other
than localhost and 127.0.0.*" , but for lack of
something malign I would think that's not
likely.
Why does apple not get viruses? Because it is 5% of the total market share.
Why would virus writers waste there time on a 5% market share
Personally I hope apple and openoffice get slammed a little, its about time.
I wonder who wrote and why?
why? people like you I am so sick of, you are like why would soemone target open source software oh boo boo....
I think its great, lets see how opensource reacts to security threats now, I am thinking not so well
Number of Microsoft macro viruses: Too many to count. Thousands?
Number of macro viruses in every other known product to the entire world: 1
Hmmm...I better jump right out and buy M$ Office, and then subscribe to the MS protection scam to secure the unsecure products they sold me.