The Free and Open Productivity Suite
Released: Apache OpenOffice 4.1.15

Statement on the Proof of Concept Macro Virus

There has been press comment recently about a "proof-of-concept macro virus" affecting and reported in a blog at an anti-virus company. [1]

Macros are a useful part of any office suite, allowing users to automate repetitive tasks. These tasks include potentially destructive actions such as modifying and deleting files, which is why macros are of interest to virus writers.

The "proof-of-concept macro virus" showed that it is possible to write a simple "virus-like" program using's macro language. This is a known risk with any capable macro language. To mitigate against this risk, by default detects if a document contains macros, displays a warning, and will only run the macro if the user specifically agrees. This behaviour conforms to industry best practice.

The engineers take the security of the software very seriously, and will react promptly to any new issues. This "proof of concept" virus is not new information, and does not require a software patch. Technically, it is not even a virus, as it is not "self-replicating" - with's default settings, it cannot spread without user intervention.

However, the community repeats the consistent message from security experts that users should never accept files from unknown sources. For any security issue, please visit's Security Team page [2] and send a note to


[2] //security/

- The Team

Apache Software Foundation

Copyright & License | Privacy | Contact Us | Donate | Thanks

Apache, OpenOffice, and the seagull logo are registered trademarks of The Apache Software Foundation. The Apache feather logo is a trademark of The Apache Software Foundation. Other names appearing on the site may be trademarks of their respective owners.