Statement on the Proof of Concept Macro Virus
There has been press comment recently about a "proof-of-concept macro virus" affecting OpenOffice.org and reported in a blog at an anti-virus company. [1]
Macros are a useful part of any office suite, allowing users to automate repetitive tasks. These tasks include potentially destructive actions such as modifying and deleting files, which is why macros are of interest to virus writers.
The "proof-of-concept macro virus" showed that it is possible to write a simple "virus-like" program using OpenOffice.org's macro language. This is a known risk with any capable macro language. To mitigate against this risk, by default OpenOffice.org detects if a document contains macros, displays a warning, and will only run the macro if the user specifically agrees. This behaviour conforms to industry best practice.
The OpenOffice.org engineers take the security of the software very seriously, and will react promptly to any new issues. This "proof of concept" virus is not new information, and does not require a software patch. Technically, it is not even a virus, as it is not "self-replicating" - with OpenOffice.org's default settings, it cannot spread without user intervention.
However, the OpenOffice.org community repeats the consistent message from security experts that users should never accept files from unknown sources. For any security issue, please visit OpenOffice.org's Security Team page [2] and send a note to security@openoffice.org.
[1] http://www.viruslist.com/en/weblog?weblogid=187738337
[2] //security/
- The OpenOffice.org Team