Certain file types have always been vulnerable to virus infection.
In the broadest sense, there are basically 2 types of files on a computer.
- Files that are executable. – These files are usually referred to as programs. iTunes, Microsoft Word, virii, malware, even Windows itself is basically a (gigantic) program or group of programs. We sometimes say that these programs “execute code”, because all programs are coded instructions that tell the computer what to do. Hence the term “Computer Programmer”, and one of the slang terms for the same person: a “coder”.
- Files that require a program to run them. For the most part, we can refer to these as documents. Word processor files (.doc or .docx), Audio files (.mp3, .aac, etc), pdf files, picture files (.jpg, .png, .tif, .cr2, etc), movie files (mp4, flv, etc) and the like.
Almost any executable file can be infected with a virus. This doesn’t meant though that non-executable files are always safe.
For years, Microsoft bridged the gap between executable and non-executable files. They have built the ability to “script” functionality into their document types. This means that it’s not just a word processor document or a spreadsheet that you’re opening. That powerpoint presentation is capable of presenting you more than just images and audio.
Without going into too many techie details, any file type that is able to:
- “execute code” or
- ask the program that runs to display it to execute code
may pose a risk for the person who opens it.
You may have seen this message before when opening a document:
This document contains Macros.
Depending on the version of Microsoft Office that you’re using, the rest of the message will vary.
This message is telling you that the document you tried to open has asked Word (or Excel or whatever program ran to try to display the file to you) to execute some code on its behalf.
Unless you know exactly what the document is doing, approximately 99% of the time you won’t want to allow it to do it.
Typically, I see documents passed along via email not for collaboration, but for reading purposes. Most often the files you find on a website are pdfs, but from time to time you will come across some that are are word processor files or spreadsheet files. These documents do not need to have macros built into them, nor do they even need to be editable. If this is the case, word and excel documents should be saved as pdf documents.
The added bonuses to this are that a pdf document is often smaller than the original file, and it will display the same way it does on your screen. The look of a document will not depend on the version or even the brand of word processor or spreadsheet program installed on the recipient’s computer.
Additionally, the pdf file will be significantly less likely to infect the recipient’s computer in the event that the sender’s computer (or website) has been infected with a virus.
I always try to encourage my clients to send only pdfs, if they’re meant for reading only. Collaborative documents, especially in an enterprise environment will typically still be sent in a doc or docx type format.
Of course the next comment is often:
But Adobe Acrobat is so expensive.
This is true, but they’re not the only game in town anymore. There are several free pdf creator programs on the market these days. The one that I use and recommend is pdfcreator. It can be found here. It installs itself like a printer. Think of it as a virtual printer.
Once the program is installed, you can “print” the document just like you would print it to your physical printer. Just choose pdfcreator from the list instead of your regular printer. The program will ask you for a name, then where to save it. I usually save it to the same place I saved the original. Now when you send that email out or post it to your website, use the pdf document instead of the doc (or xls, docx, xlsx, etc) file.
Your recipients will thank you.