A crippling and embarrassing virus spent last week marauding countless e-mail inboxes around the world, replicating itself to end-user address books and sending an exhaustive list of pornographic Web sites to everyone therein.
Dubbed the "Melissa" virus, the culprit has hampered -- and in some cases entirely shut down -- e-mail systems for companies the world over. For example, Microsoft has put a halt to all outgoing e-mail throughout the company.
"Some users at Microsoft received an e-mail that contained a Word document that has attached to it a macro virus," said Andrew Dixon, group product manager for Office at Microsoft. "If that document is opened and the macro virus is allowed to run, it is possible (for the virus) to send e-mail to a number of other users."
Dixon said that Microsoft "temporarily turned off outgoing e-mail" company-wide to guard against spreading the virus. Dixon said he did not know how many Microsoft employees received the macro virus, or how many may have triggered it. At risk are Microsoft Exchange Servers running Microsoft Outlook. With an ever-changing subject heading of "Important Message From (end-user name), the attachment to the e-mail is a document entitled "list.doc" with a body of text reading "Here is that document you asked for ... don't show anyone else ;-)."
Upon opening the attachment, Microsoft Word 97 will ask if you want to disable the macros, to which you should reply yes, or the e-mail will automatically be sent to the first 50 names on each company mailing list.
"If you don't disable the macros, the virus resends itself to everyone in (your) address list," said John Berard, a spokesman for Fleishman Hillard, which was infected by the virus and inadvertently spread it around. "We've been shut down and working on the problem all day. It's hard working without the effective use of e-mail. But this thing did not originate with us."
In addition, the virus automatically changes the security settings of an infected system to the lowest possible setting, a slick move that has IT managers wondering if they will have to manually reset every infected PC in their enterprise.
Fleishman Hillard immediately shut down its systems when it discovered the virus and contacted federal authorities. Fleishman Hillard has more than 1500 employees worldwide.
Meanwhile, the list of companies affected is growing exponentially. An Intel spokesperson reported that the chip-giant had been "touched" by the virus and is working on correcting the problem. "It's all over," he said.
Tom Moske, network manager for USWeb CKS, said the virus has made for a very long day. "It's going to propagate like crazy. It's gone to all of our client and personal addresses. We are kind of laughing, although it is pretty bad. This is a good one."
A fix for the virus has been posted on the Trend Micro Web site. All major antivirus companies are expected to follow suit by Monday.
Dan Schrader, director of product marketing at Trend Micro recommends that IT managers do not panic upon learning of the insidious virus, but shut down the e-mail system and go to Trend Micro's Web site at housecall.antivirus.com/smex_housecall for further instructions.
Though Schrader could not say how many companies had been affected, he did say his company was "getting swamped with calls and hits on the Web site. Obviously it spreads very rapidly."
Schrader said the virus is easy to detect and not destructive in nature. But it can cause serious bandwidth constraints and contains several quirky characteristics.
According to Trend Micro officials, the virus has a hidden message that is time triggered to reveal a quote from the popular TV series The Simpsons.