Several security measures and practices can protect you against malware in the AutoCAD LT environment.
Overview
Malicious executable code, also known as malware or viruses, has become more common and can impact users of AutoCAD-based products. If allowed to spread, malware can result in loss of intellectual property and reduced productivity.
Because AutoCAD LT doesn't include AutoLISP, VBA, and other applications, it is not impacted by many common cyber threats. But that doesn't mean that you can let your guard down. There are some threats common to AutoCAD LT as well as AutoCAD. These include the following:
- Subversive script, PGP, and CUIx files. Always examine these types of files from external sources carefully before using them because they can include hidden malware.
- Malware inserted in cracked copies and unauthorized add-ons. The people who crack software can easily insert additional code, including malware that steals your work or turns your computer into zombie.
- Malformed DWG files designed to overflow buffers with executable code. This is a more sophisticated type of attack designed to make doctored drawing data run as code on your computer. The AutoCAD Security team has been working to close buffer overflow exploits in AutoCAD and AutoCAD LT. If you work with sensitive design data, open drawing files from only trusted sources.
- Binary planting. This category includes inserting doctored binary files such as EXE, DLL, and COM files to substitute for legitimate files. To plant these files on your computer or a network requires privileges that can be granted by exploiting weak folder permissions, or if the application is running with local Administrator privileges.
General Preventative Measures
The following preventative measures will reduce your vulnerability to malicious code:
- Keep current with all your software products, including virus definitions.
- Install AutoCAD LT in the default program files location with UAC turned on, and do not run AutoCAD LT with Administrator privileges.
- Keep executable code in read-only folders that are separate from data.
- Locate shared AutoCAD LT CUIx files in read-only locations.
- Employ the Windows User Account Control (UAC) and limit privileges to prevent unauthorized changes.
- Attend to security warnings, especially those concerning unsigned executable files.
- Be careful about external applications, cracked software, "free" drawings, and custom files that could contain malware.
In the current cyber threat environment, it's always a good idea to practice vigilance, even with AutoCAD LT, and when it means spending a few extra minutes to reduce your security risks.