MENU

StripIT

StripIT® identifies macros and active code in OpenOffice and Microsoft Office documents and removes these sources of risk, allowing the modified document to be delivered to the intended recipients.

Document based macros and other active code have long been seen as a source of security risk.
There are few limits to what this embedded active code can do when run.

Microsoft Office applications provide an environment that uses ActiveX/COM DLLs already installed on your system to extend functionality. Visual Basic for Applications (VBA) was included in Microsoft office to provide automation support in and between documents. VBA can access and use ActiveX/COM DLLs available in the office environment plus it can load others. VBA also has direct access to the file system and shell. The power of combining VBA macros with the office environment can pose a significant risk.

OpenOffice provides access for scripts running in a number of languages including its own version of Basic. These languages are feature-rich and could similarly be used for malicious purposes. OpenOffice can even run some VBA code imported from Excel, provided this capability is enabled.

There is general concern about what is downloaded when web browsing. That same concern should apply to what is running from inside your Office applications. Macro's are potentially dangerous and can run automatically.

Malicious use of VBA could provide access to confidential files or could disable the computer's operating system. VBA code has the same access rights as the user, which could be at administrator level.

Typically, e-mailed Office documents are scanned for virus content only, and if clear, are passed through. Anti-virus programs only look for known virus signatures. There is no reason for them to detect macros or other active code. Alternatively keyword searching may be used to identify the presence of active content and such documents might be quarantined.

StripIT® provides a higher level of control, allowing macros and other active code to be identified and optionally stripped out of documents before they are delivered to the intended recipients.

Read more