Are the macros in FUNCRES.XLA always safe?

I would consider the Microsoft macros to be safe. But could a hacker
spoof the "funcres" project so that it does not contain the contents
of the official FUNCRES.XLA file, even though it says the source of
the project is FUNCRES.XLA, i.e. the Project Explorer window shows
"funcres (FUNCRES.XLA)"?

The "funcres" project does disappear when I unselect the ATP from the
Add-ins list. But could a hacker detect that (if macros were enbled)
and remove their own spoofed "funcres" project?

I'm afraid I am very naive about the devious things that hackers can
do. In my paranoid ignorance, the realm of things seems infinite and
always possible, albeit infinitessimally probable.

Is it ALWAYS safe? Probably not, but the question becomes what is the
likelyhood of it not being safe. I believe that the answer to that is
extremely low - miniscule, even.
While Excel may well be one of the most widely installed applications on
desktop systems these days, it still is not much of a direct target. If you
take reasonable precautions you shouldn't have any worries.

Precaution #1 - (which some will say is not so reasonable) Do not routinely
operate the system with an account with Administrator privileges. This step
alone would stop well over 90% of viruses and worms in their tracks. This is
something that Vista can actually help you with: in the past, 3rd party
vendors have been lax in their programming to the point of requiring a user
to be an Administrator just to use the program - especially games. With
Vista, those days are ending - the vendors are having to do more things
right, including making applications usable without being an Administrator.

Precaution #2 - Keep your Operating System and copy of Excel/Office updated.
Most updates these days are security updates to close holes that make them
vulnerable to malware.

Precaution #3 - Get yourself a good anti-virus program and use it and keep
it updated. My personal recommendation(s)? I use Kaspersky Anti-Virus on
most of my systems, and Eset's NOD32 on a couple. These two are hard to beat
and because they don't have the share of the market that those that are often
delivered as a free trial with new systems have, they are not the targets of
code specifically crafted to detect those more 'popular' anti-virus programs
and slip by them.

Precaution #4 - remain paranoid - but keep it at a healthy level.

Precaution #5 - like retaining a lawyer "just in case" or buying auto/home
insurance, locate a reliable source for assistance for the time when you may
think you've become infested with some really fugly something or other. One
of those is at http://www.dslreports.com/forum/security That's a great
starting point for all things home computer security related. There are
MANY! Microsoft MVPs in the Security group that call it 'home'. No account
required to ask questions and get help, and no spam comes your way from
either visiting or actually setting up an account. If you do set up an
account, the basic ones are absolutely free.


"joeu2004" wrote:

Are the macros in FUNCRES.XLA always safe?

I would consider the Microsoft macros to be safe. But could a hacker
spoof the "funcres" project so that it does not contain the contents
of the official FUNCRES.XLA file, even though it says the source of
the project is FUNCRES.XLA, i.e. the Project Explorer window shows
"funcres (FUNCRES.XLA)"?

The "funcres" project does disappear when I unselect the ATP from the
Add-ins list. But could a hacker detect that (if macros were enbled)
and remove their own spoofed "funcres" project?

I'm afraid I am very naive about the devious things that hackers can
do. In my paranoid ignorance, the realm of things seems infinite and
always possible, albeit infinitessimally probable.