You are here: Encyclopedia > Encyclopedia Part 5 > What are the attacks on the Macros and ActiveX?
What are the attacks on the Macros and ActiveX?
There are small pieces of codes that may be activated within a document and this is designed to make operations easier for the users. These essential file codes are known to be as “macros”. These codes are modifiable in nature in which it may be programmed in such a way that it can carry out certain operations including concealing and showing the tabs in Microsoft Office’s Excel application once a checkbox has been ticked. Aside from the role of macros in Excel, it also has defined functions in Microsoft Word wherein a database may be scanned and all the pieces of information will be included in the table.
Macros may also be utilized by the individuals who are not knowledgeable about programming. Recording particular keystrokes is possible when the macros are used and these codes are activated whenever there is a need to do the same operations for a couple of times. This function makes a certain task less difficult for the users.
Attacks, while making use of macros, appear to be the most effective medium for vicious criminals who desire to use various devices in their attempt in accessing the systems of particular organization within a certain period of time. Assaults may be performed with the utilization of scripting language like the Visual Basic for Applications or VBA. And, the most important step in order to successfully carry out the attack is the incorporation of malicious macros into the documents created with the use of Microsoft Office. The most commonly used MS Office application in this form of assault is the Microsoft Word. However, other applications appear to be used as well and these are the Excel and PowerPoint.
ActiveX, on the other hand, is a kind of tool that permits experts to establish code-reusing-applications as well as their components. This is typically found in the pieces of software that are used in a person’s daily life like MS Office, Microsoft Visual Studio, Microsoft Media Player, and the web browser Internet Explorer.
Attackers who make use of the ActiveX have a specific common goal and this is to access the computer system of their victim. One of the forms of attacks used by the vicious criminals is the insertion of an altered ActiveX control into web pages. Their main goal is to lure the naïve users into visiting websites or be directed towards them and execute the control.