| Port No | 113 |
| Service Name | Alicia |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | This malicious Visual Basic (VB) script lowers the security setting of Microsoft Word by creating several registry entries. When security is set to low, all macros are treated equally, regardless of origin or certificate status. With low security, the user receives no prompt message or signature validation, and all macros are automatically enabled. This may allow macro viruses to infect the system without user knowing about it. After modifying the security settings of MS Word, it creates a file ANGLEDUST.DAT in the root folder containing VB code. |
| Reference Link | Alicia |
| Attack | Solution Restoring the Security Setting of MS Word This procedure restores the security setting of MS Word. In MS Word, click Tools>Macro>Security. On the Security window, choose either High or Medium option. The suggested option is High. Restart MS Word. Additional Windows ME/XP Cleaning Instructions Users running Windows ME and XP must disable System Restore to allow full scanning of infected systems. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.