Macro Viruses Many common software applications implement some sort of scripting functionality to assist with the automation of repetitive tasks. These functionalities often use simple, yet powerful, programming languages like Visual Basic for Applications VBA. Although macros do indeed offer great productivity-enhancing opportunities to computer users, they also expose systems to yet another avenue of infection—macro viruses. Macro viruses first appeared on the scene in the mid-1990s, utilizing crude technologies to infect documents created in the popular Microsoft Word environment. Although they were rel- atively unsophisticated, these viruses spread rapidly because the antivirus community didn’t anticipate them and, therefore, antivirus applications didn’t provide any defense against them. Macro viruses quickly became more and more commonplace, and vendors rushed to modify their antivirus platforms to scan application documents for malicious macros. In 1999, the Mel- issa virus spread through the use of a Word document that exploited a security vulnerability in Microsoft Outlook to replicate. The infamous I Love You virus quickly followed on its heels, exploiting similar vulnerabilities in early 2000. Macro viruses proliferate because of the ease of writing code in the scripting languages such as VBA utilized by modern productivity applications. Although the vast majority of macro viruses infect documents created by applications belonging to the Microsoft Office suite including Word, Excel, PowerPoint, Access, and Out- look, users of other applications are not immune. Viruses exist that infect Lotus, AmiPro, WordPerfect, and more. Platforms Just as most macro viruses infect systems running the popular Microsoft Office suite of appli- cations, most computer viruses are designed to disrupt activity on systems running versions of the world’s most popular operating system—Microsoft Windows. It’s estimated that less than one percent of the viruses in the wild today are designed to impact other operating systems, such as Unix and MacOS. This may be the result of two influencing factors. First, there really is no “Unix” operating system. Rather, there is a series of many similar operating systems that implement the same functions in a similar fashion and that are indepen- dently designed by a large number of developers. Large-scale corporate efforts, like Sun’s Solaris and SCO Unix, compete with the myriad of freely available versions of the Linux operating sys- tem developed by the public at large. The sheer number of Unix versions and the fact that they are developed on entirely different kernels the core code of an operating system make it diffi- cult to write a virus that would impact a large portion of Unix systems. Second, according to a National Computer Security Association NCSA Virus Prevalence Study, 80 percent of all viruses are macro viruses, all but a slim percentage of which target Microsoft Office applications. There simply isn’t a software package for non-Windows plat- forms that is anywhere near as prevalent as Office is among PC users, making it difficult to develop effective macro viruses for non-Windows platforms.