Hundreds of businesses hit by Microsoft e-mail virus

Click to follow
The Independent Online
ONE OF the most insidious computer viruses ever knownyesterday infected thousands of computers around the world, carried by an e-mailed document with a program which pillages electronic address books to spread itself.

In Britain, hundreds of businesses had to take emergency action after discovering incoming e-mail from the US carried the virus. Named "Melissa", it uses the combination of software weaknesses and the near-monopoly of Microsoft's word-processing and e-mail programs, Word and Outlook Express.

The document, entitled "Important message from ..." contains a huge list of pornographic websites, but it also carries a "macro" - a set of instructions - which is implemented when the unwitting user opens an attachment to the e-mail. Default settings in the newer versions of Word will launch the macro. That then raids the user's electronic address book and e-mails itself to up to 50 addresses.

"Sending out a pornographic document which also carries a virus can damage your reputation - we have had financial clients and computer companies hit by this," said Kevin Street, technical manager for the anti-virus company, Symantec. "In some countries it is against the law to send a virus."

In a large company, trying to send so many messages could also crash computers.

Though anti-virus companies confirmed that many businesses were hit, none was willing to be named publicly. "There's a stigma in saying you've been hit by a virus," said Jack Clark, European product manager for Network Associates, an anti-virus company.

The first "macro virus" appeared in September 1995, and affected earlier versions of Word. It is thought to have been written by a freelance programmer who was working at Microsoft that year: the source was eventually traced to a CD-rom issued by the company.

Macro viruses have become more and more dangerous. Melissa was recognised as so virulent that for only the second time in a decade, the Central Emergency Response Team (Cert), an American organisation which monitors threats to the Internet, issued a warning of the risks posed by the virus.

"This morning alone we had 40 or 50 companies affected by it," Mr Clark said. "That is unprecedented. Usually when a new virus turns up we get a few calls from people asking how they would know if they had it. This time, they have all had it."

Warnings about the virus only began to circulate on the Internet on Friday, too late for many in Britain to take action against it.

Comments