About Security and Protecting Against Viruses

Several security measures and practices can protect you against malicious executable files.

Overview

Malicious executable code, also known as malware or viruses, has become more common and can impact users of AutoCAD. If allowed to spread, malware can result in loss of intellectual property and reduced productivity.

The most common vulnerability results from allowing executable code to co-exist with data, such as automatically loaded AutoLISP files in the Start In folder. The Start In folder is determined either by the Start In attribute stored in the properties of the desktop shortcut icon, or by the folder in which you double-click a file to start the product.

More sophisticated attacks that compromise or steal intellectual property include malicious ARX applications, object enablers, and DLLs (dynamic link libraries). Another threat can come from VBA (Microsoft® Visual Basic® for Applications) macros embedded in DWG files.

For example, project-based executable files bundled together with drawings in a ZIP file might include edited versions of acad.lsp, acaddoc.lsp, and FAS and VLX files that contain malicious code. When the contents of the ZIP file are extracted into a folder and AutoCAD is launched by double-clicking a DWG file, the LSP files are automatically launched as well.

Also, many viruses try to propagate themselves by editing acad.mnl, adding a line in it to load itself.

Vulnerable Files

Malicious code can be included in the following types of files:

Security Countermeasures

AutoCAD security countermeasures minimize the possibility of executing malicious code by providing controls that

Important: Using the /safemode switch also prevents the AutoCAD Express Tools and most AutoCAD command tools from functioning, and should only be used temporarily in situations where you suspect that malware has been installed on your system.

Recommendations

The following best practices will reduce your vulnerability to malicious executable code:

Note: AutoCAD LT® does not run AutoLISP, VBA, or other applications, and does not require these security measures. However, it's always recommended to follow best practices regarding security, including limiting account privileges.