Keep your anit-virus up to date. Don’t open anything to do with Viagra or big boob (can you say boobs on this forum). Is someone who never sends you jokes suddenly send you a joke… the joke’s not funny… its a virus. If someone needs you to look at something urgently, but nothing they ever do is urgent… it’s not urgent… it’s a virus. Finally most of the people who want your e-mail address have no interest in talking to you about anything you care about. Give them your hotmail account and then never check that account.

My final caution. If you buy something from a store and they want to know your address, find out if they make housecalls to fix whatever it is you just bought. If the answer is no, then they don’t need your address.

Bear in mind that many of these security issues are not macro driven, they are carefully corrupted .xls (and other) files that will upset Excel when it tries to open them. They may not contain any macros at all.

‘treat like porn…’, If they were treated like porn the sys admins would have already removed them from your email, quarantined them, sent you (and the sender) a threatening email, burned them onto cd and taken them home for personal use.

I’m sure Mike wasn’t the only one thinking this.

guess what, it is easier to set it to low rather than installing the server and teaching the users how to register a certificate

Most of the Excel files we work with are unrecognizable. Besides, If I treated every spreadsheet like porn, I’d WOULD open it up and take a gander. Look at that table structure…Wowza!

Notice that many of the quotes came from “security experts” that owned companies that provided security to other companies? If they can convince their clients that problems exist, they can increase their revenues. I’ve been using a VM for internet access, without any AV, and the only “infection” I’ve gotten have been so called tracking cookies. No real threats.

What the IT guys fear from letting users use Excel and VBA is the loss of control over those users.

I believe the phrase is rearranging the deck chairs on the Titanic.

But I agree and disagree with you. I think .Net is a little less susceptible to the script kiddie, but not to someone who is determined. But, lately, those who are determined to hack are those looking to make money out of it. I don’t know if that’s something they’re going to get out of an Excel attack.

I don’t know how easily OO can be targeted with Python code so I can’t comment, except for that the limited userbase inherently makes it more secure by being a smaller target.

“The increase in attacks in Excel are numerous and the application seems to be at the forefront of ushering in frequent application-level attacks that we’re seeing more of now than ever,”

The forefront? How many people did award-winning journalist Jabulani Leffall have to interview before he founds someone with just the right amount of hyperbole?