| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
Office 2003 may pose antivirus problem | |
|
||
| Time: 11:44 EST/16:44 GMT | News Source: CNET | Posted By: Chris Hedlund | ||
|
The latest test version of Microsoft Office 2003 could cause problems for antivirus companies because the XML-based format it supports will bog down scanning software, according to security experts. | ||
|
Write Comment
Return to News |
Displaying 1 through 25 of 313 Last | Next |
The time now is
3:17:47 PM
ET.
Any comment problems? E-mail us |
| #1 By 37 (66.82.20.150) at 3/24/2003 11:50:44 AM |
| Sounds like the AV companies have some work ahead of them. It's good for em'. It will help them sell yet another version that supports XML. |
| #2 By 7826 (65.205.133.2) at 3/24/2003 11:51:37 AM |
| Don't you think after more than 10 years, those antivirus companies should come out with better technologies than blindly scan the files for a few signiture bytes of virus? |
| #3 By 2960 (156.80.64.132) at 3/24/2003 1:41:54 PM |
|
I have a better idea...
Instead of looking at it reactively (AV software updates), it sure would be nice if MS was PROactive for a change and dealt with these issues while the product was being developed. TL |
| #4 By 135 (209.180.28.6) at 3/24/2003 1:47:00 PM |
|
TechLarry - Like they did in Office XP?
Or do you mean the Unix way where you don't provide the functionality to the endusers because you know better than them? |
| #5 By 7797 (63.76.44.252) at 3/24/2003 3:27:15 PM |
| sodablue: I dont get it. TechLarry has a completely valid point. He said nothing about Unix. He said it would be nice if MS was proactive for a change. Whats wrong with that statement? He's not MS bashing. He's giving constructive critizism. Are you too closed-minded to understand that? |
| #6 By 6859 (206.156.242.36) at 3/24/2003 3:30:24 PM |
|
Another problem is that to test like a virus writer you have to really, really, have their mindset. Which MS doesn't have. A malware author will script code in such a way as to actually break software so as to introduce their malicious code. MS doesn't want to break their code, they want their code to work.
Perhaps if there was no blank space in code and each program, dll, or whatever had a hidden CRC32 checksum that was referenced every reboot to see if the file was altered (and presumably if altered then replace with last archived "good" copy.) I'm sure they'd find ways around that too. But it would make the virus writer's job that much harder. After all, how can they introduce their code into the program if (a) there isn't room; and (b) it would alter the CRC of the file? Then they'd be stuck making standalone viruses, which could be scanned and deleted with relative ease. Of course MS needs to get away from how the Registry works as well. Too much abuse, not enough restriction on who/what can see, write, or delete entries. Especially in the Run, RunOnce, or RunServices sections... |
| #7 By 2459 (24.170.151.19) at 3/24/2003 3:58:59 PM |
|
TL/tgnb, the ones that should be proactive in this case are the AntiVirus companies. The problem isn't a need to add macro headers to the WordML, etc., file formats. The problem is that the AV companies need to adapt their products to efficiently scan XML files. Microsoft isn't the only company that is using XML currently or will be using XML in the future. The AV companies are asking MS to provide them with a workaround so that they don't have to deal with the actual problem. MS' Office apps aren't likely going to be the only apps that read/execute (or try to read/execute) the code in the files. Suppose OpenOffice, etc., ignores the headers in the file and executes headerless macros anyway. This is just one case of many where the AV checking could be bypassed.
Are the AV companies going to ask for and expect everyone to include headers or other hints in their files simply to help them not do their job and improve their products? There will most certainly be other XML-based file formats that contain executable instructions. With Apple, Star/OpenOffice and others utilizing XML for their file formats, this same type of problem will eventually surface on multiple platforms. The AV companies need to create a real fix. |
| #8 By 7797 (63.76.44.252) at 3/24/2003 4:21:59 PM |
| JaggedFlame: TechLarry didn't say MS ISNT being proactive. He said it would be nice if they WERE proactive for a change. If you as a beta team member can confirm that they actually ARE being proactive for a change then great, everyone's happy. |
| #9 By 7826 (65.205.133.2) at 3/24/2003 4:59:03 PM |
| As long as MS offers capabilities in Office document (scripting and macros), there is always a way to introduce virus into it. |
| #10 By 135 (209.180.28.6) at 3/24/2003 6:52:50 PM |
|
tgnb - Because I hear the same comment over and over and over again, and it always comes from the Unix folks. "Microsoft doesn't think about security... of course we don't have to worry about that problem because no endusers actually want to use our software, but that's just cause we're smarter than those lusers... blah blah blah
So I'm sorry if I don't take the comment all that seriously. Furthermore, in the past two years anyway the problem of viruses in Office products has really been pretty much non-existent. i.e. since the release of Office XP. There just haven't been the outbreaks that we used to have issues with. This is a combination effort of smarter AV authors, and also proactive changes to capabilities in Office. So perhaps this isn't a problem, and we should instead be focusing on other issues? |
| #11 By 7797 (64.105.197.82) at 3/24/2003 8:38:18 PM |
|
sodablue: with your response you are Unix bashing although neither me nor TechLarry brought up unix nor have you answered ANY of my questions:
"sodablue: I dont get it. TechLarry has a completely valid point. He said nothing about Unix. He said it would be nice if MS was proactive for a change. Whats wrong with that statement? He's not MS bashing. He's giving constructive critizism. Are you too closed-minded to understand that?" care to take another stab at it? |
|
Write Comment
Return to News |
Displaying 1 through 25 of 313 Last | Next |
The time now is
3:17:47 PM
ET.
Any comment problems? E-mail us |
