Cisco’s Talos security bods predict new wave of Excel Hell

It took a few years and one temporary halt, but in July Microsoft finally began blocking certain macros by default in Word, Excel, and PowerPoint, cutting off a popular attack vector for those who target users of Microsoft's Windows OS and Office suite. While recent versions of Office block Visual Basic for Applications (VBA) …

  1. Woodnag

    Workaround

    Change the default program for .xll to Notepad or similar. Create or copy a text file to the desktop, then change suffix from .txt to .xll. Right click the file, and change the default program. Job done, snarf down some Fuller's London Pride to (ex)celebrate.

    1. Anonymous Coward

      Re: Workaround

      Avoid Microsoft software altogether, and you strip a massive attack footprint from your infrastructure. Cheaper too..

      1. Christopher Reeve's Horse

        Re: Workaround

        Avoid flying altogether, and strip a massive risk of being in an aviation accident from your life. Cheaper too.

        I mean yeah, but...

        Yes, yes, I know there are many alternatives to a lot of MS products, but they ain't always possible, feasible, practical, etc.

        1. Anonymous Coward

          Re: Workaround

          That's merely stating the very fact that Microsoft would not want anyone to talk about. Annoying, I know :).

        2. Michael Wojcik

          Re: Workaround

          And as long as businesses insist on putting Microsoft Office on every damn end-user machine, we'll need workarounds like changing the handler for .XLL. (I believe such a change could be pushed via Group Policy, though I haven't actually tried it.)

    2. Frank Bitterlich

      Re: Workaround

      ... until next week when MS comes up with a new version of Notepad that can actually use XLL files.

      It's laughable that in 2022 MS still thinks letting anybody execute arbitrary code packaged in a nice little file that you can send by email is a good idea.

  2. Nevermind

    Meanwhile a major UK defence contractor is busy converting all its forms, docs and reports to Excel and circulating around its supply chain and partner orgs...wonder what'll happen when an infection occurs?

    1. Anonymous Coward
  3. Anonymous Coward

    "They exist to let third-party apps add extra functionality to the spreadsheet"

    There's your problem!

    1. ThatOne Silver badge

      Hacking is an extra functionality all right. All is going according to (marketing) plan.

    2. Michael Wojcik

      "Excel is already a nightmare of ill-conceived misfeatures, but what if we added more misfeatures?"

  4. ThatOne Silver badge

    Perfect bait

    > "Details of Project Marketing Plan and Facebook Google Ads Results Report."

    OMG, marketing will be all over that bait! Career-enhancing information not meant for you, just a click away, who cares about some stupid techie warnings!

    Obviously it's a little too juicy to be honest if you bother thinking about it (it only lacks a "only for the marketing director's eyes!" part), but then again marketing has never been too bright and greed can move mountains.

  5. Anonymous Coward

    Two words in the same sentence......again!!

    Quote: "...cybercriminals from targeting Microsoft..."

    ...and the words are "cybercriminals".....and you get to guess the other word!!

    ...clue......it begins with the letter "M".....

    ...and this has been going on since the Brain virus in 1986.....see link: https://en.wikipedia.org/wiki/Brain_(computer_virus)

    Yup........thirty six years......and still counting.......
