HOME
TOPICS
SEARCH
ABOUT ME
MAIL

 
Refuse to open any Microsoft Word document that comes in the mail unless you know the sender and had asked that person to send you a specific document.
  technofile
Al Fasoldt's reviews and commentaries, continuously available online since 1983

Protecting your computer, Part 1: Dealing with the newest viruses


Nov. 11, 1999

By Al Fasoldt
Copyright © 1999 , Al Fasoldt
Copyright © 1999, The Syracuse Newspapers

   What can you do to protect your home computer against the latest viruses? How can you be sure someone can't break into your computer over the Internet?
   These are important questions. We'll deal with them this week and next. Let's start with the virus threat.
   Until recently, you could feel safe from viruses if you did two important things. You had to run anti-virus software and you had to avoid opening executable attachments. ("Executable attachments" are programs that are sent with -- in other words, they're "attached" to -- e-mail letters.)
   But then macro viruses changed the rules. Macro viruses are hidden in documents, not in programs. A macro is a set of commands for programs such as word processors -- especially, for Microsoft Word. A typical ordinary macro might do nothing more than save a file every 10 minutes. Macro viruses can be very dangerous, but you have a simple way to avoid them: Refuse to open any Microsoft Word document that comes in the mail unless you know the sender and had asked that person to send you a specific document.
   That's where things stood until a few weeks ago. But now there's a new kind of virus that can sneak into your Windows PC even if you don't open executable files and Microsoft Word documents. The first virus of this new breed is called BubbleBoy. (The name comes a "Seinfeld" TV plot.) BubbleBoy is actually a worm, not a virus, but the technical difference does not matter for our purposes.
   BubbleBoy takes advantage of a major bug in the way the most common Microsoft e-mail programs work. If you use Internet Explorer 5 on your Windows PC and use Outlook Express for e-mail, a worm of the BubbleBoy type can infect your computer when you view an e-mail message. You don't have to open the e-mail letter.
   BubbleBoy also exploits Microsoft Outlook the same way. Apparently, all three versions of Outlook (Outlook 97, 98 and 2000) are vulnerable.
   Outlook Express displays e-mail letters in a viewer window automatically when you single-click a message or when you use the arrow keys to move your text cursor to the message. A message carrying the BubbleBoy class of worm will infect your PC right at that point, before you have actually opened the message. Users of Outlook have to choose the viewer, but then the infection works the same way.
   There is no attachment. The BubbleBoy class of worm is part of the message. You would have no clue that a message Outlook Express automatically displays is infected. The worm inserts a program into the startup sequence of Windows that sends the worm out to everyone in your address book. BubbleBoy itself does not do anything else -- it seems to have been created mostly as a warning to anti-virus experts -- but other viruses or worms that work the same way could do a lot of harm.
   Microsoft has a fix for the BubbleBoy-class worm. Go to http://www.microsoft.com/security/Bulletins/ms99-032.asp and follow the instructions. If you do what Microsoft tells you to do, your PC will be protected from this kind of infection.
   But Windows is still open to other kinds of computer virus and worm infections because of the way it's designed. You should check for word of new problems every few weeks. The Symantec anti-virus center is a good place to start. It's at http://www.symantec.com/avcenter/.
   Next week we'll look at what you can do to keep intruders from breaking into your PC across the Internet.