IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

IWETHEY Home / IWETHEY Board / Security Forum / VBA in Outlook.
Post #23,731
by static
Picture of static
1/10/02 5:43:57 AM
Reply
New VBA in Outlook.
Time has shown that scripting in a major application is always popular. Lotus 123 had it's macros, for instance, and with them you could make your spreadsheet do magic things. Microsoft took up this baton with aveangence in Word with WordBASIC and Excel macro language. Then Visual BASIC appeared and took off, and MS decided it would be good if they could "unify" all their macro languages behind this Visual BASIC.

The implementation has proved ... troublesome. Along the road to this unification, WordBASIC got so powerful that someone eventually wrote a virus in it (the famous "Concept" virus). At the time I was working with anti-virus software and it was very clear that Microsoft deliberately under-rated the threat of macro virii in favour of end-users being able to program their documents.

This attitude persists. Outlook was merely unlucky enough to be in the sights for VBA "unification" and thus email trojans came about. Microsoft persist with a perverse attitude towards security in their products, preferring to believe that all this automation makes for better applications. There are several stories about those championing security inside Microsoft finding it quite an uphill battle, and my impression of their response to security issues is of a grudging one.

Wade.

"All around me are nothing but fakes
Come with me on the biggest fake of all!"
Post #23,761
by wharris2
1/10/02 11:51:04 AM
Reply
New Their responses?
and my impression of their response to security issues is of a grudging one.

Ho, ho, ho. Perhaps you formed this impression by the number of times they've gotten reports of a security problem, and then sat on it for an inordinate length of time until someone got tired of waiting for them to get off their duffs and publicized it? :-) Strange how quickly they seem to be able to develop, test, and deploy fixes after someone turns up the heat.
"Beware of bugs in the above code; I have only proved it correct, not tried it."
-- Donald Knuth
Post #23,870
by static
Picture of static
1/11/02 6:05:17 AM
Reply
New Something like that.
Also how much prodding they need to even consider addressing security. Even now, they still refuse to properly fix the Macro virus problem, even after many experts have told them and the world at large what they need to do. Of course, the problem Microsoft (think they) face is that such measures would make Windows (slightly) harder to use for both J Random User and J Corporate User. Which, to Microsoft, is simply unacceptable.

Wade.

"All around me are nothing but fakes
Come with me on the biggest fake of all!"
     Outlook, Windows, and viruses. - (acagle) - (9) - Jan. 9, 2002, 01:00:59 PM EST
         A brief summary of why Outlook has so many viruses. - (nking) - (8) - Jan. 9, 2002, 01:51:12 PM EST
             Re: A brief summary of why Outlook has so many viruses. - (acagle) - (7) - Jan. 9, 2002, 02:10:55 PM EST
                 How and why? - (wharris2) - (3) - Jan. 9, 2002, 04:28:48 PM EST
                     Re: How and why? - (acagle) - (2) - Jan. 10, 2002, 02:41:23 PM EST
                         Re: How and why? - (a6l6e6x) - Jan. 10, 2002, 04:19:44 PM EST
                         Re: How and why? - (Arkadiy) - Jan. 10, 2002, 04:38:44 PM EST
                 VBA in Outlook. - (static) - (2) - Jan. 10, 2002, 05:43:57 AM EST
                     Their responses? - (wharris2) - (1) - Jan. 10, 2002, 11:51:04 AM EST
                         Something like that. - (static) - Jan. 11, 2002, 06:05:17 AM EST

Aw, good for him.
82 ms