Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

An extraordinary amount of Cryptolocker outbreaks were due to .docx files containing macros.

Yes, it has a default behaviour of "prompt to execute macros", but it happily shows the advice in the malicious document to "please click yes at this prompt to get a free iPhone", at which point the majority of users click "yes".



I think Swift on Security posted a tweet about this a while ago, with a screenshot of completely banning all Office macros via group policy.


Office macros are really useful, though.


.docx files can't contain macros


Correction: It's .doc files I've seen the majority of this behaviour in.


.docx files could contain macros just fine.


They cannot. Anything that has macros has to be docm.


Sorry, my bad. I meant files in OOXML format.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: