Legacy Microsoft Office document formats could contain malicious software code, which is why criminals often try to email them in order to lock user files for the purpose of extorting ransom, taking control over infected computers, or other malicious activities. Most often they use fake sender email addresses, or infected computers, which means one can receive infected file from a sender who is not aware of the fact that attached file contains malicious code, or even that such email has been sent on their behalf. Opening of such documents by a user, no matter wheather they have been received over company-owned or private email address, public cloud file service such as Sendspace or WeTransfer, on a USB thumbdrive, or some other way, can have grave consequences not only for computer they have been opened on, but also for complete Kappa Star information system, eg.:
- Locking all the shared files on fileserver for which a user has write permission
- Installation of a keylogger, malicious software which collects and sends history of keystrokes pressed on a keyboard
- Collection of typed usernames and passwords which can provide criminals with a way to access company VPN, impersonation of a compromised user in NAV RDP server etc.
Because of aforementioned reasons, sending and receiving legacy Microsoft Office document formats on Kappa Star email system is forbidden. Working around this restriction by means of communication over private email addresses, as well as using private email addresses for correspondence concerning business matters of Kappa Star Group member companies, is strictly forbidden.
Most popular legacy Microsoft Office document formats are:
.xls(Excel 97-2003 Workbook).doc(Word 97-2003 Document).pptp(PowerPoint 97-2003 Presentation)
Most popular contemporary Microsoft Office document formats are:
.xlsx(Excel Workbook).docx(Word Document).pptpx(PowerPoint Presentation)
Microsoft has introduced contemporary document formats as a default in Microsoft Office 2007. This means that every newly-created document in Microsoft Office 2007, or later versions, gets saved in contemporary format by default. At the time, Microsoft provided a way to save documents in legacy format, for compatibility reasons. It was quite common that users of older Microsoft Office versions (2003 and older) can not open contemporary document formats created on newer ones (2007 and newer), which resulted in a situation where users of newer Microsoft Office versions kept saving documents in legacy format "just in case", to be sure that users of older versions won't have problems opening them. This looked like ideal solution which benefits everyone without harming anyone, up until relatively recent rise of malicious software from ransomware family, which renders user files inaccessible, and which spreads mostly by means of Microsoft Office legacy document formats. Nowadays, more than a decade after their initial introduction, everyone would have to have software able to open, modify and save contemporary Microsoft Office document formats.
LibreOffice, free Office Suite, also has the ability to open, modify and save contemporary Microsoft Office document formats
When external email sender tries to deliver legacy Microsoft Office document format to Kappa Star email user, the delivery is blocked, and failure notice gets sent to both sender, receiver and postmaster-u, ie. administrator of Kappa Star email system. Failure notice contains the following:
- "BANNED CONTENTS" in message subject states that content is banned.
- In message body, end of line which starts with "Banned name" states the name of a blocked file (below picture shows file called "tabela.xls").
- Further down in message body, line which starts with "From" contains sender email address (below picture shows sender "pero.peric@posiljalac.org").
- Even further down in message body, line which starts with "Subject" contains blocked email subject (below picture shows subject "RE: Tabela za Peru").
- Finaly, at the bottom of the message body, we can see recipient email address (below picture shows recipient "mara.maric@kappastar.com").
Here's an example of failure notice:
If failure notice shows a known sender tries to send you legacy Microsoft Office document format, give them instruction - by email or otherwise - to save document in contemporary format and resend the email.
Never try to use private email address, or other means of working around the restrictionm, as such action violates security rules of Kappa Star information system!
Kappa Star email system also forbids other, even more dangerous file extensions such as .exe, .com, .bat and others. Failure notices regarding these extensions should be ignored, or consulted with IT personnel.
Below are screenshots of saving most popular contemporary Microsoft Office document formats in Microsoft Office 2016. Feel free to send link to this manual to senders who have trouble delivering legacy formats.
Excel
Word
PowerPoint
