Macro virus

From Wikipedia, the free encyclopedia
Jump to: navigation, search

In computing terminology, a macro virus is a virus that is written in a macro language: a programming language which is embedded inside a software application (e.g., word processors and spreadsheet applications). Some applications, such as Microsoft Office, allow macro programs to be embedded in documents such that the macros are run automatically when the document is opened, and this provides a distinct mechanism by which malicious computer instructions can spread. This is one reason it can be dangerous to open unexpected attachments in e-mails. Many antivirus programs can detect macro viruses.


A macro is a series of commands and actions that help to automate some tasks - effectively a program but usually quite short and simple. However they are created, they need to be executed by some system which interprets the stored commands. Some macro systems are self-contained programs, but others are built into complex applications (for example word processors) to allow users to repeat sequences of commands easily, or to allow developers to tailor the application to local needs.


A macro virus can be spread through e-mail attachments, removable media, networks, and the Internet, and is notoriously difficult to detect.[1] A common way for a macro virus to infect a computer is by replacing normal macros with a virus. The macro virus replaces regular commands with the same name and runs when the command is selected. These malicious macros may start automatically when a document is opened or closed, without the user's knowledge.[2]

Once a file containing a macro virus is opened, the virus can infect the system. When triggered, it will begin to embed itself in other documents and templates. It may corrupt other parts of the system, depending on what resources a macro in this application can access. When the infected documents are shared with other users and systems, the virus spreads. Macro viruses have been used as a method of installing software on a system without the user's consent, as they can be used to download and install software from the internet through the use of automated key-presses. However, this is uncommon as it is usually not fruitful for the virus coder since the installed software is usually noticed and uninstalled by the user.[citation needed]

Since a macro virus depends on the application rather than the operating system, it can infect a computer running any operating system to which the targeted application has been ported. In particular, since Microsoft Word is available on Macintosh computers, word macro viruses can attack some Macs in addition to Windows platforms.[1]

An example of a macro virus is the Melissa virus which appeared in March of 1999. When a user opens a Microsoft Word document containing the Melissa virus, their computer becomes infected. The virus then sends itself by email to the first 50 people in the person’s address book. This made the virus replicate at a fast rate.[3]

Not all macro viruses are detected by antivirus software.[citation needed] Exercising caution when opening email attachments and other documents decreases the chance of becoming infected.


  1. ^ a b "Frequently Asked Questions: Word Macro Viruses". Microsoft. Retrieved 2006-06-18. 
  2. ^ "Information Bulletin: Macro Virus Update". Computer Incident Advisory Capability. Retrieved 2006-06-18. 
  3. ^ "How Computer Viruses Work". How Stuff Works inc. Retrieved 2006-06-18. 

Further reading[edit]