|
|
Initiation responsibility: Head of IT Section, IT Security Management
Implementation responsibility: Administrator, IT users
Incoming files which arrive via data media exchange or electronic transmission must be virus checked. This applies not only to regular program files, but also to files which have been created by means of application programs which can use a macro language. Macros with harmful functions are known to have been generated for the application programs listed below:
Other safeguards may be dispensed with as long as an up-to-date virus scanning program which also recognises macro viruses is used. In addition, a test environment may be useful to check transmitted files for macro viruses using the application program. Alternatively, it is possible to process files received using an editor which converts the file to a format in which the macros are unable to run. The received files can also be opened with viewers, which are free for viewing the most common file formats and, likewise, do not allow macros to run.
If possible, documents should only be passed on in RTF format, as no macro language exists for such files so that there is no danger of macro viruses. Files can usually be converted to RTF format without any particular loss in quality.
As a further precaution, users should be shown how they may be able to prevent macros present in files from running automatically. Unfortunately, this differs from program to program and version to version and is not always reliable.
Additional controls:
| © Copyright
by Bundesamt für Sicherheit in der Informationstechnik |
last update: July 2001 |