Any way to disable the macros in a Word docm document _before_ opening?
I'm curious to see what those folks who love me so much are trying to pull ;-) ...Jim Thompson
-- | James E.Thompson | mens | | Analog Innovations | et | | Analog/Mixed-Signal ASIC's and Discrete Systems | manus | | STV, Queen Creek, AZ 85142 Skype: skypeanalog | | | Voice:(480)460-2350 Fax: Available upon request | Brass Rat | | E-mail Icon at
formatting link
| 1962 |
Why are Democrats such sore losers?
I can understand the losers part, they are, by nature, losers.
It used to be possible to open Turd documents in Wordpad (? the RTF version of notepad)
Sometimes it was possible to see /earlier/ unexpurgated versions of the document, which could be very valuable when trying to understand what corporate masters were /really/ trying to say :)
Or open in OpenOffice on a live disk just booted from DVD.
I don't know what a docm file is as compared to a doc or docx file. But whenever I open office documents with macros I get a warning and an offer to disable the macros. Hmmm... for some reason I don't currently get that as an option, it says my security setting does not allow the execution of macros. I must have inadvertently changed that. Fixed!
I use LibreOffice and I think it is great! Much less frustration than MS Office.
DOCX files are ZIP files with the main content in XML. You can unzip them to peruse the contents - but you hav eto look past a lot of crap to see the content.
These are _docM_, "MACRO-enabled" file type is what is showing in Windows Explorer.
So I guessing if I open them the macros will do their inglorious thing.
So I was looking for a way to disable macros first. ...Jim Thompson
--
| James E.Thompson | mens |
| Analog Innovations | et |
| Analog/Mixed-Signal ASIC's and Discrete Systems | manus |
| STV, Queen Creek, AZ 85142 Skype: skypeanalog | |
| Voice:(480)460-2350 Fax: Available upon request | Brass Rat |
| E-mail Icon at http://www.analog-innovations.com | 1962 |
Google search "how to disable marcos in word documents"
1st response:
------------(quote)------------- Word
Click the Microsoft Office Button , and then click Word Options. Click Trust Center, click Trust Center Settings, and then click Macro Settings. Click the options that you want: Disable all macros without notification Click this option if you don't trust macros.
-----------(end quote)-----------
Much as I don't trust Google, is this what you are looking for?
John ;-#)#
--
(Please post followups or tech inquiries to the USENET newsgroup)
John's Jukes Ltd. 2343 Main St., Vancouver, BC, Canada V5T 3C9
(604)872-5757 or Fax 872-2010 (Pinballs, Jukes, Video Games)
www.flippers.com
"Old pinballers never die, they just flip out."
Set your global preferences to never run macros or to ask every time if you can be sure you will never be daft enough to run them by accident. (If you don't use macros this is a sensible precaution)
Assuming Office 2010 or similar it should be something along the lines of
File Options Trust Center Macro Settings
I have disabled with notification. I use macros sometimes. You probably want disabled without notification.
I thought MickeySoft had made their macro configuration default slightly less unsafe than it used to be in the bad old days.
You may also need a macro password cracker too since most of the malware isn't daft enough to leave their code easily visible. It would score quite highly on the obfuscated code competition.
You do this at your own risk! Password crackers and video stream grabbers are notorious sources of PUPs and other malware.
It is easier to throw the code at VirusTotal for its name and then look up what the thing was trying to do to you on an AV site.
formatting link
That site is particularly handy when a zero day exploit comes along that your own AV can't see since there is a chance one of the others heuristics will recognise it as a derivative work with hostile intent.
I also forgot to mention that .DOCX and .DOCM are actually ZIP encapsulated and as such are also vulnerable to direct attack against buffer overrun weaknesses in the ZIP decoder which could be triggered even before the embedded macros are executed. Same with unsolicited PDF files - there are new vulnerabilities recently found in creatively malformed JPGs that can gain enough privileges to alter the system.
Unless you can open the thing in a very robust throwaway VM sandbox it isn't worth the risk of trashing your system for curiosity. If something gets past you then you may not notice anything has happened until one
trash". (by then everything will be hard encrypted)
Wrap your "viewer" in a sandbox. Open document (photo, etc.). Close document. Examine turds left *in* the sandbox. Use this to decide how much you trust the document and its source!
If it's the same stuff doing the rounds worldwide, it will contain javascript to connect via the 'net (at some future time) to a remote machine to download the true payload. May be ransomware, ain't about to find out.
I get anything up to ten a day, some with a "visible" zip attachment and some embedded. In all cases which I have examined, the key ".js" is visible (*) with a filename preceding it.
ElectronDepot website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.