Bugtraq mailing list archives
Re: Melissa Macro Virus
From: brett () LARIAT ORG (Brett Glass)
Date: Tue, 30 Mar 1999 22:29:40 -0700
Melissa doesn't just infect NORMAL.DOT. It also infects anything you open after you've opened the infected document. Read the code.... --Brett At 02:10 PM 3/30/99 +0200, Bronek Kozicki wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 There is another kind of protection (and I used it sucesfully in my network for last few months). Just set NORMAL.DOT read only attribute. When exiting Word user will be warned with message "unable to save modified Normal.dot" - he/she then comes to support, and then we know that we have problem. Of course - normal.dot is placed in user's profile. This is pretty simple kind of protection against macro-viruses in Word. Bronek Kozicki - -------------------------------------------------- ICQ UID: 25404796 PGP KeyID: 0x4A30FA9A 07EE 10E6 978C 6B33 5208 094E BD61 9067 4A30 FA9A
Current thread:
- Re: IE 5.0 allows reading and sending local files to a remote, (continued)
- Re: IE 5.0 allows reading and sending local files to a remote Andrew Tulloch (Mar 31)
- Procmail scanning for hostile macros in Microsoft document e-mail John D. Hardin (Mar 31)
- Excel variant of Melissa Marcel de Haas (Mar 30)
- Re: Excel variant of Melissa Ken Pfeil (Mar 31)
- Re: Bug in xfs Roman Drahtmueller (Mar 30)
- Re: Bug in xfs Matthieu Herrb (Mar 30)
- Re: Bug in xfs Juha Virtanen (Mar 30)
- Re: Bug in xfs Alan Cox (Mar 31)
- [support_feedback () us-support external hp com: Security Bulletins Patrick Oonk (Mar 31)
- Re: Melissa Macro Virus Bronek Kozicki (Mar 30)
- Re: Melissa Macro Virus Brett Glass (Mar 30)
- Re: Melissa Macro Virus Dimitry Andric (Mar 31)
- Potential vulnerability in SCO TermVision Windows 95 client JJ Gray (Mar 31)