OpenOffice.org: There's No Virus
By Ed Oswald | Published June 2, 2006, 5:57 PM
OpenOffice.org responded Friday to claims in the media that the first virus had been discovered for the open source productivity suite. The group said that macro viruses are possible in any program that supports the feature.
"Macros are a useful part of any office suite, allowing users to automate repetitive tasks," OpenOffice.org's Jacqueline McNally said. "These tasks include potentially destructive actions such as modifying and deleting files, which is why macros are of interest to virus writers."
McNally added that the software always asks before running any kind of macro, thus preventing the commands from executing automatically. She said the company takes the issue of security very seriously, and would respond to any problem expeditiously.
But OpenOffice will not provide any patch for the issue, saying it does not consider the proof-of-concept macro virus a problem. "Technically, it is not even a virus, as it is not 'self-replicating' - with OpenOffice.org's default settings, it cannot spread without user intervention," McNally argued.
To prevent an attacker from taking advantage of the issue, OpenOffice said that users should never accept files from unknown sources. As of press time, the company that discovered the problem, Kaspersky Lab, had not responded to OpenOffice's claims.
Yeah right, it's a piece of garbage anyway. Try the best, you know what it is.
Score: 0
[arnold]
It's naht a virus.
[/arnold]
Score: 0
dude it was tumor, or were you making a joke?
Score: 0
Are we really at the point in computer security where we have to say the computing equivalent of "if you touch fire, you may get burned"? This is an analogy to the process from the days when home computing was relatively new, of being handed a diskette by a friend (or, for example, a sales person at a computer show) and being told to run the content of the diskette when you get back to your computer. People who did it without scanning for malware first took a risk, through ignorance or recklessness. Such people were labelled "stupid" when they caught something nasty. Why do people believe that the burden of responsibility moves now that such malware can be delivered electronically? It is the responsibility of the user to protect themselves, particularly if the vendor (the examples here being OpenOffice.org and Microsoft) has taken reasonable care to ensure that macros don't run without prompting. We should also not forget here that it is in the financial interest of certain companies to report "virus" sightings, even when the companies involved know well enough that what they are reporting is not a virus by definition.
To me, some of the comments posted here smack of the nanny-state mentality that brought about the lawsuit McDonalds Corporation had to face because they didn't tell their customer that the coffee they were selling was hot.
People who need this kind of wet-nurse approach to the use of what is now a commodity item like a microwave oven or a TV should perhaps consider whether possession of a computer is sensible for them.
Score: 0
I agree wholeheartedly, graphiteuk. Unfortunately the general populace is far too stupid to accept responsibility for their own actions, and even when a company takes steps to warn a user about potential hazards, it's not enough. Your McDonalds analogy is a good one: 'Caution: liquid is hot' printed on the cup is obviously not enough. It needs to be in BIG RED LETTERS, and the attendant needs to warn you twice verbally that yes, we actually DO serve hot coffee. :P
I'm happy with Darwinism in this case - if people are stupid enough to run a malicious macro (not a virus, btw, just malicious code) then they deserve what's coming to them. If they don't know how to use a computer safely, learn, or don't use one. I don't know how to use a forklift safely, so I'd either learn to use it, or not use them at all. Whatever happened to common sense?
Score: 0
If you haven't noticed, common sense no longer exists. Especially in the United States, people just sue for any reason because it's easy money. What's there to lose? Worst that could happen is the judge throws out the case. People were suing fast food chains because their food "made" them obese. Investors suing fund managers because the market took a nose dive and their fund just lost 50%.
Score: 0
First off think about this..
This macro isn't self-replicating, so whoever sends this file to you knows you have OpenOffice - so you probably know them. What's the market share of OpenOffice, less than 5%?
I love people who use the word virus when it's not. These techno idiots that don't know the 1st thing about computers or the net, and just throw internet lingo around like they know what they are talking about.
Score: 0
OpenOffice offers similar macro security to Microsoft Office, i.e. it'll prompt by default, but you can similarly disable warnings or further restrict macro use in the Options menu.
I'm no programmer, but perhaps it would be feasible to set OpenOffice to give a strongly worded warning (regardless of macro security setting) where files are to be deleted.
I guess they are in a bind either way; too many warning prompts will inevitably annoy users, while removing support for such commands will make the program useless to others.
Score: 0
I wouldn't know. Notepad and Wordpad don't have Macro features ;) :P
Score: 0
What OO did was just like what FireStone did years ago. They said their tires are fine. Of course they were fine until accidents actually happened.
Score: 0
I very clearly remember Apple saying the same thing in recent months... It's not a virus! Macs don't get viruses -- we get User Initiated Executable File Transference, also known as ID#10-T error.
Score: 0
Uh?
Score: 0
Come on JacenSolo, surely you remember the Apple virus that propagated through iChat and a couple other issues earlier in the year.
Score: 0
That's great news for OO. You know you've made it when you are worthy of attacks.
Score: 0
I must not understand the purpose of productivity suite macros. Why would a macro need to have the ability to delete files on your system? I can understand a macro being used to generate a batch process of files - but even then, executing this in a temporary folder and prompting with a 'always trust this macro with overwriting' message would make this safe.
Score: 0
The purpose of a macro is for a user to simplify a number of steps into one action. It is up to the user to decide what those steps are. There are great many different needs out there. Some users may desire the destruction of files after other steps (such as the file having been printed/emailed/displayed) have been taken.
Score: 0
I found a new multiplatform proof of concept virus. It arrives in email. Just write an email faking that it comes from an RIAA department, and write something threatening like "We know you are sharing illegal files throughout p2p networks and you will be called before a jury by the end of the week".
It only affects some users of any platform, making them delete their mp3s and video files.
Score: 0
Now that is just stupid. Just keep thinking that openoffice, and you will have more problems.
Score: 0
I beg to differ. The problem is in between the keyboard and the chair, not in the software.
- User downloads malicious file, and let's say it automatically opens in open office
- User is prompted to run macro
- User presses yes and the macro does whatever macros are allowed to do
Or:
- User downloads e-mail with attachment
- User opens the PIF/BAT/CMD/EXE/COM attachment
- User ignores security prompt (assuming the software has one) and runs the file which can probably do much more than a macro
Or:
- User runs Internet Explorer and surfs around
- User is locked in an endless loop of ActiveX prompts that will not stop until the user permits one to run. User blindly clicks Yes, ActiveX plugin launches and gets administrator privileges and can do as it pleases.
These are not security holes, unless you consider the user a security hole. It's not OpenOffice.org's problem if a user is going to knowingly permit code from an unknown source to run on his computer.
Score: 0
"- User runs Internet Explorer and surfs around
- User is locked in an endless loop of ActiveX prompts that will not stop until the user permits one to run. User blindly clicks Yes, ActiveX plugin launches and gets administrator privileges and can do as it pleases."
When I press no or don't click on the yellow bar it does not send me in an endless loop. If you say there is no problem because it is a user problem then 85% of all viruses/spyware/malware on the PC does not exist then.
Score: 0
"When I press no or don't click on the yellow bar it does not send me in an endless loop."
Maybe not,
but it can,
and does on many unprotected (or non-updated) computers.
Score: 0
Yeah, I was referring to the ability of a javascript (only way they could do it) to force the reload of an activex control until you allow it to run (or until you kill iexplore.exe). I would hope this would have been stopped by now but I don't know for sure.
At any rate, I'm sure plenty of users click "Yes" to ActiveX prompts that they weren't expecting.
Score: 0
Is it Microsoft's fault if the user isn't running a virus scanner?
Score: 0
Show me a site that does. I have gone to many sites that were infected (running an XP Pro SP2 machine, fully updated, no AV) and have not gotten anything. For that matter I have not gotten any viruses or malware in the last 7 years.
Score: 0
Umm, yeah! lol... I mean, it's always someone else's fault and never the user's! Someone, somewhere should have done something to stop the user from being a moron! :)
Score: 0
I don't know what macros can do, but if it's anything like what batch can do, then it needs a few warning labels attached. I also don't know what they currently have in there, but here's a few good ones I rarely see...
1) "Script creates a file with nonstandard extension. (.%1)"
2) "Script deletes a file with nonstandard extension. (.%1)"
(any .xxx not savable by OO.o)
3) "Script deletes a file not in the current directory."
4) "Script attempts to delete a file currently opened."
5) "Script deletes files not created within the script."
6) "Script running for the first time. Continue?"
Score: 0
Doesn't attempting to delete an open file result in an error?
I know whenever I try and delete files in Explorer that are open, I can't :( (same for Rename)
Score: 0
Depends on the program. Some programs keep files open, others don't.
Explorer gives you an error message, but batch scripts usually just silently fail, unless you have them output everything they're doing (which often results in so much stuff to read that nobody pays attention to errors, or even sees them).
Score: 0
Depends what operating system you use. You can delete currently running programs on Linux.
Score: 0
Technically it may not be a virus, but a vulnerability is a vulnerability. I hope those guys are ready for anything--they've just asked the hackers to prove them wrong. If there is any possible way to do so, they will soon have to retract that stupid comment.
Hackers are like kids (some ARE kids, too) give an inch--they'll take a mile. You just dared them to break your software...
Score: 0
good thing that they said this. Otherwise it would have been a big issue to openoffice and staroffice to get off in the next couple of years in the global market.
-GGR
Score: 0
Denial of a problem is going to make a difference? I don't think so, nice try.
Score: 0
They have been taking lessons from Microspud I see
Score: 0
What "problem"?
Score: 0
A small potato?
Score: 0
lmao....not just any small potato, but one you have to put under a microscope to see.
Score: 0
Yep Microsoft has taught everyone well. We all now know that the first step to solving a problem is to tell everyone the problem doesn't exist or that it's a feature.
Score: 0
Gee, why didn't MS just do this?
We don't have a Virus? Where? Noo, not us, we are invulnerable..
Yeah, so was superman, now look where He is..
Score: 0
Technically this isn't a virus because it doesn't replicate itself and using OO's default settings macros ask before executing. Can the same be said for the MS Office vulnerability?
Score: 0
Not positive, but I think so. I always have to enable macros manually on a fresh office install.
Score: 0
But does it prompt you before running? Does it warn you if a script(macro?) contains commands to delete files?
Score: 0
Depends on how it is configured. On my home machine, I have it prompt every time... it's annoying as hell.
Score: 0
"Does it warn you if a script(macro?) contains commands to delete files?"
I'd hope you'd know what was in a macro you were running.
If not, you deserve to get a virus from it.
Score: 0
What the hell was Superman doing riding a horse anyway? I mean, I know all actors have the powers and personalities that they portray on the big screen, so we all know he could really fly.
Score: 0