 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
Melissa virus reminds of need to be cautious when venturing online
This article was originally published on April 6, 1999 by SignOn San Diego and Copley News Service.
The Melissa computer virus has swept across the land like a wildfire, multiplying thousandfold every hour, threatening through its very mass to bring an industry to its knees.
The news industry, that is, which has given Melissa far more coverage than it ever merited. With all the screaming headlines and breathless TV reports, you'd think Melissa was the ebola of the computer world.
In fact, the virus itself wasn't nearly as destructive as much of the media made it out to be (nor as serious as claimed by the federal prosecutors trying to boost their careers by throwing the book at the alleged programmer behind it).
Unlike many viruses, Melissa caused no real harm to the computers it passed through. No hard drives were erased, no data files corrupted.
The volume of e-mail generated by Melissa did cause some servers to either crash or grind to a halt, but the damage was not permanent.
(If you've somehow escaped all the hype, the fast-spreading Melissa was contained in a macro for Microsoft Word and first appeared in late March. When someone using a Windows-based machine with both Word and Microsoft Outlook received an infected e-mail message and opened the attached Word document, it automatically launched the virus which copied and e-mailed itself 50 times.)
If Melissa never really brought Western Civilization as we know it to its knees, what it did do was remind us of two oft-forgotten truths regarding personal computers: 1. Computer programs are not inherently benign; 2. Our demand for ease of use in computer software carries a price, namely, a loss of security.
The first issue is the more easily dealt with: Don't open any attached document in e-mail unless you absolutely know what it is before you open it – if you weren't expecting to receive it and don't know what it is, delete it unopened.
Of course, what made Melissa so darn effective at spreading was that it sent copies of itself by finding e-mail address books on the host systems, and sending messages to those addresses – thus, recipients believed they were receiving a message from someone they knew and trusted.
Most macro languages include full disk access privileges to allow you to automate saving and backing up files on your computer. While handy, this feature also allows a macro virus to completely erase or even reformat your hard drive if its author so chooses.
What makes Microsoft Word all the more vulnerable to abuse, though, is that unlike most programs it includes an autolaunch macro that, when activated, allows macros to begin right away once a document with a macro is opened.
So while macro viruses that would work in WordPerfect or StarOffice could and undoubtedly have been written, it is far more difficult to ensure that the recipient will launch the appropriate macro and activate the virus.
Which brings us to the second point: Microsoft included the autolaunch macro feature in Word because customers wanted it.
We WANT our computers to be easier to use. We don't want to have to go to the pull-down menu and click on a command in order to start a macro we use regularly.
Of course, at the same time, we also want full security on our computers.
What Melissa has, with minimal damage, reminded us is that we can't have both – at least, not without being more vigilant.
And Melissa won't be disappearing anytime soon. Anyone familiar with Word's macro language can open up the Melissa virus in the macro editor and change a few lines of code to make Melissa do something different.
While there is no substitute for simply being more cautious when reading your e-mail or downloading files from the 'Net, if you are still worried about Melissa or more virulent forms of Word macro files, there are a couple of things you can do to help protect yourself.
First, if you use Microsoft Word, make sure your macro autolaunch feature is turned off. Next, make sure you have a current virus protection program installed and fully updated. Most of them are pretty good at spotting macro viruses. For a list of vendors, check out Yahoo's virus protection page.
If really worried, consider another word processor. The sheer number of Word users guarantees that those hackers with a malicious bent are going to be attracted to Word because of the potential impact it can have. As mentioned, other programs are also susceptible to macro viruses, but there are fewer of them. Both WordPerfect and StarOffice offer full-featured packages that can even open and read latest-version Word documents without as much danger of Word macro viruses. (Although the folks at Corel, which publishes WordPerfect, caution that the upcoming WordPerfect 2000 will be able to read some Word macros and may thus become victim to a Melissa-like virus.)
You can also find free e-mail programs for Windows that are less likely to be susceptible to a Melissa-type virus than Outlook. Two of the more popular are Eudora and the e-mail manager included in Netscape 4.51.
Finally, for more information on Melissa itself and how to protect yourself (including detailed instructions on disabling the autolaunch feature in various versions of Word), you can visit the CERT Coordination Center at the Carnegie Mellon Software Engineering Institute.