Re: [PEN-TEST] MS-Excel Macro's

[Steve Parker <steve () FOGHORNSECURITY COM>]

You can stop Visual Basic scripts from doing some things by hacking the
registry.

For instance, if a VB script tries to automate an Excel spreadsheet,
it will create an object of type "Excel.Application".   Windows looks to the
registry under HKEY_CLASSES_ROOT for a key called "Excel.Application".  That
key holds the CLSID for the OLE automation object for Excel.  If that key is
deleted, VB scripts and macros will not be able to use Excel functionality.

I used a similiar technique to thwart email propagation of VB viruses [delete
Outlook.Application].  It's ugly, but effective.

-SHP

On Thu, 07 Sep 2000, you wrote:
> Hi All,
>
> Silly question. I have written a "nasty" test macro in MS-Excel to test one
> of our production servers that converts email to fax. How does one block
> this? I have removed Windows Scripting Host and have set MS-Excel to prompt
> before running macro's and it still runs.
>
> Our admin has done some checking into this and apparently you can not
> disable it. Can this possibly be true?
>
> Thanks
>
> Benjamin