Microsoft Excel is making a big change to protect against malware

Excel 4.0 (XLM) macros are now disabled by default, Microsoft has confirmed. In a Tech Community blog post, the company revealed that the change has been made to better protect users against “related security threats” coming through spreadsheets.

Back in July 2021, the company released a new Excel Trust Center setting option, allowing administrators to restrict the usage of Excel 4.0 (XLM) macros. It has now made this option default for everyone.

Administrators can use existing Microsoft 365 applications policy control to configure this setting, the announcement reads. The Group Policy setting “Macro Notification Settings” for Excel can be found in the following path and registry key:

Group Policy Path: User configuration > Administrative templates > Microsoft Excel 2016 > Excel Options > Security > Trust Center.

Registry Key Path: Computer\HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Office\16.0\excel\security

Malicious actors often abuse macros

Furthermore, administrators can manage this policy setting with both cloud policies and ADMX policies. They can also completely block all XLM macro usage, including in new user-created files, by enabling the Group Policy “Prevent Excel from running XLM macros”, Microsoft added.
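Before enabling the blocking policy, an administrator may want to know which workbooks still contain XLM macro sheets. The following is an added example, not code from Microsoft or the article: it inspects only ZIP-based (OOXML) workbooks, and the function names and the sample package are constructed for illustration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

CT_NS = "{http://schemas.openxmlformats.org/package/2006/content-types}"
# Content-type prefixes of Excel 4.0 (XLM) macro sheet parts.
MACROSHEET_TYPES = ("application/vnd.ms-excel.macrosheet",
                    "application/vnd.ms-excel.intlmacrosheet")
MAX_MANIFEST = 1 << 20  # refuse to parse an oversized manifest (zip-bomb guard)


def find_xlm_macrosheets(data: bytes) -> list:
    """Return sorted part names of XLM macro sheets in an OOXML workbook."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return []  # legacy .xls (BIFF) or not a workbook: not covered here
    found = set()
    with zf:
        names = zf.namelist()
        manifest = "[Content_Types].xml"
        if manifest in names and zf.getinfo(manifest).file_size <= MAX_MANIFEST:
            try:
                root = ET.fromstring(zf.read(manifest))
            except ET.ParseError:
                root = None
            for ov in (root.iter(CT_NS + "Override") if root is not None else ()):
                if ov.get("ContentType", "").lower().startswith(MACROSHEET_TYPES):
                    found.add(ov.get("PartName", "").lstrip("/"))
        # Also catch parts in the macro sheet folder when the manifest omits them.
        for n in names:
            low = n.lower()
            if low.startswith("xl/macrosheets/") and "/_rels/" not in low and not low.endswith("/"):
                found.add(n)
    return sorted(found)


def build_sample(with_xlm: bool) -> bytes:
    """Constructed, minimal package used only to exercise the scanner."""
    overrides = '<Override PartName="/xl/worksheets/sheet1.xml" ContentType="application/vnd.openxmlformats-officedocument.spreadsheetml.worksheet+xml"/>'
    if with_xlm:
        overrides += '<Override PartName="/xl/macrosheets/sheet1.xml" ContentType="application/vnd.ms-excel.macrosheet+xml"/>'
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml",
                    '<Types xmlns="http://schemas.openxmlformats.org/package/2006/content-types">'
                    + overrides + "</Types>")
        zf.writestr("xl/worksheets/sheet1.xml", "<worksheet/>")
        if with_xlm:
            zf.writestr("xl/macrosheets/sheet1.xml", "<macrosheet/>")
    return buf.getvalue()
```

Legacy binary `.xls` files store macro sheets differently and return an empty list here, so they need a separate check.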

Excel 4.0 (XLM) macros were the default format until 1993, and even though they’ve since been discontinued, they can still be run by the latest versions of the Office program. That makes them ideal for threat actors, who’ve been abusing them to push malware such as TrickBot, Zloader, Qbot, Dridex, ransomware, and many other malicious programs, BleepingComputer notes.

The publication also notes that in October 2019, Microsoft added a new Group Policy allowing administrators to block Excel users from opening untrusted Microsoft query files with IQY, OQY, DQY and RQY extensions. It claims that these files have been weaponized for years in “numerous malicious attacks” to deliver remote access Trojans and malware.

XLM is disabled by default in version 16.0.14527.20000+, Current Channel builds 2110 or greater, Monthly Enterprise Channel builds 2110 or greater, Semi-Annual Enterprise Channel (Preview) builds 2201 or greater, and Semi-Annual Enterprise Channel builds 2201 or greater (coming this July).

Via: BleepingComputer

TechRadar – All the latest technology news


How do malware removal tools work?

Malware removal software is an important part of the armory of tools that can be used to defend your PC from being compromised by a malicious payload of one kind or another.

If you’re wondering how anti-malware tools differ from antivirus, we cover that in depth elsewhere, but suffice it to say that malware removal apps offer a much more focused kind of protection against malware, and the facilities to rid your system of an infection.

But how do these applications work exactly? Read on for our full examination of how malware removal tools protect your device and what to expect if you install one of these utilities on your system.



On-demand scanning

As with an antivirus app, when installed on your machine, a piece of anti-malware software will give you the ability to scan the system to check if any malware is present.

There’ll be a ‘Scan’ button on the main menu of the app (most likely, or a submenu perhaps), and simply clicking on that will scan your drive(s) and memory. Just the same as with an antivirus, the malware removal tool will have (regularly updated) definitions of common malware. It’ll look for matches based on the content of this library of definitions, and if anything is found on your PC, that will (obviously) be flagged as malicious.

That will happen in a post-scan report, where any suspect discoveries are highlighted, and you’ll get the option to quarantine these offenders (or indeed malware might be automatically quarantined). Quarantining, as you might expect, is the banishment of a file to a cordoned-off area of the system, where it can no longer reach or harm your device or data.


As well as malware, Potentially Unwanted Programs (known as PUPs for short) may be reported in scan results, which are, as the name suggests, apps that you might not want on your system (a good anti-malware app will explain why they’re possibly undesirable). These don’t have to be quarantined, as they’re not actively doing any harm, so it’s up to you whether to take action on those. (You’re better safe than sorry in these cases, more than likely, but occasionally legitimate apps can be flagged, and you may want to ignore warnings in these cases).

This on-demand scanning is present with all anti-malware software, and one approach that some folks take is to install a freebie malware removal app just to sit on their system as a backup to a primary antivirus.

In other words, the tactic here is to rely on the antivirus in the main, but to run a manual scan with a second line of defense – the anti-malware – every now and then, just to see if it picks up on anything that the antivirus could have missed. That might only be a PUP, and not outright malware, but still, it could be something that you don’t want on your system, and would otherwise have sat there if you hadn’t plumped for a second opinion.

Real-time defenses

Malware removal software can give you more than just on-demand scanning, though, and some apps offer real-time defenses in the same vein as an antivirus. Real-time protection simply means that the anti-malware tool has a constant shield up, scrutinizing every file being introduced onto your system (and the processes currently running) for anything suspicious.

That gives you more watertight protection, and means you can run an anti-malware app as your frontline protection against malware, with no need for an antivirus (at least in theory).

Obviously it helps if you choose one of the best tools for this purpose, such as our current top-ranked pick Malwarebytes. Its premium version sports real-time protection, backed up by heuristics (monitoring for malware-like behavior, to catch threats which are brand new and not yet included in the program’s library of malware definitions).


Remember that anti-malware is built to major in such behavioral detection, and finding fresh threats that an antivirus might miss. You also get web defenses (against phishing and other online scams) for safer browsing, plus anti-ransomware tech – a broader level of protection, in other words, from the paid Malwarebytes app (as you might expect).

All that said, it’s still true that the best antivirus apps may offer a more accurate malware detection engine – at the time of writing, that is indeed the case according to the independent test labs, although Malwarebytes is rated solidly enough for overall protection – so you may prefer to run one of our best antivirus picks backed up by the free version of Malwarebytes (or your preferred anti-malware choice) for on-demand duties.

How do malware removal tools work?

Whatever the case, anti-malware apps offer a laser-focused protection against malware (and the likes of PUPs), and as we’ve seen, the good ones can work on multiple levels just like antivirus – with on-demand, plus real-time protection backed with heuristic tech – running the gamut of defensive countermeasures against all the nastiness out there, including ransomware, phishing and more.
