OpenOffice.org: There's No Virus
OpenOffice.org responded Friday to claims in the media that the first virus had been discovered for the open source productivity suite. The group said that macro viruses are possible in any program that supports the feature.
"Macros are a useful part of any office suite, allowing users to automate repetitive tasks," OpenOffice.org's Jacqueline McNally said. "These tasks include potentially destructive actions such as modifying and deleting files, which is why macros are of interest to virus writers."
McNally added that the software always asks before running any kind of macro, thus preventing the commands from executing automatically. She said the company takes the issue of security very seriously, and would respond to any problem expeditiously.
But OpenOffice will not provide any patch for the issue, saying it does not consider the proof-of-concept macro virus a problem. "Technically, it is not even a virus, as it is not "self-replicating" - with OpenOffice.org's default settings, it cannot spread without user intervention," McNally argued.
To prevent an attacker from taking advantage of the issue, OpenOffice said that users should never accept files from unknown sources. As of press time, the company that discovered the problem, Kaspersky Lab, had not responded to OpenOffice's claims.