Page 1460 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 1460

applications didn’t provide any defense against them. Macro viruses
               quickly became more and more commonplace, and vendors rushed to

               modify their antivirus platforms to scan application documents for
               malicious macros. In 1999, the Melissa virus spread through the use of
               a Word document that exploited a security vulnerability in Microsoft
               Outlook to replicate. The infamous I Love You virus quickly followed
               on its heels, exploiting similar vulnerabilities in early 2000, showing
               us that fast-spreading viruses have plagued us for nearly 20 years.




                             Macro viruses proliferate because of the ease of writing

                  code in the scripting languages (such as VBA) utilized by modern
                  productivity applications.



               After a rash of macro viruses in the late part of the twentieth century,
               productivity software developers made important changes to the
               macro development environment, restricting the ability of untrusted
               macros to run without explicit user permission. This resulted in a

               drastic reduction in the prevalence of macro viruses.

               Service Injection Viruses Recent outbreaks of malicious code use
               yet another technique to infect systems and escape detection—
               injecting themselves into trusted runtime processes of the operating
               system, such as svchost.exe, winlogin.exe, and explorer.exe. By
               successfully compromising these trusted processes, the malicious code
               is able to bypass detection by any antivirus software running on the

               host. One of the best techniques to protect systems against service
               injection is to ensure that all software allowing the viewing of web
               content (browsers, media players, helper applications) receives
               current security patches.


               Platforms Vulnerable to Viruses

               Just as most macro viruses infect systems running the popular
               Microsoft Office suite of applications, most computer viruses are

               designed to disrupt activity on systems running versions of the world’s
               most popular operating system—Microsoft Windows. In a 2017
               analysis by av-test.org, researchers estimated that 77 percent of
   1455   1456   1457   1458   1459   1460   1461   1462   1463   1464   1465