Microsoft Corp. shut down its corporate e-mail servers Friday because of a devastating macro virus. Intel Corp. was also hit hard by the virus, which gains entry to e-mail systems via Microsoft’s Outlook/Exchange products.
The virus replicates itself quickly, spreading infected pornography-related information throughout corporate messaging platforms and overloading servers.
The so-called ‘Melissa’ virus is believed to have originated in Western Europe and was first discovered on the alt.sex newsgroup.
An official at Network Associates’ McAfee unit, which first identified the virus, says it’s proliferation rate is unprecendented.
At least 20 large companies had been infected by late Friday – in one case 60,000 users affected.
Microsoft was forced to suspend all incoming and outgoing Internet mail Friday.
A spokesman said Microsoft’s product support division spent all day Friday alerting customers and partners about the virus.
An Intel public relations spokesperson also confirmed that some e-mail servers there had been taken off line by the virus.
The Melissa virus propagates via e-mail, attached a Word file that launches a macro when opened. The macro e-mails a message to the first 50 names in the recipient’s Outlook address book.
The Melissa-generated messages display a subject line that reads: “important message from,” followed by a user name. The body of the message consists of text saying, “Here is that document you asked for… don’t show anyone else;-),” followed by information on pornographic web sites.
McAfee has posted additional information on the virus on its site.
People cannot get the virus by merely opening up a message, only by opening the attached document.
Antivirus software vendor TrendMicro says the W97M_Melissa virus can also attack via both Word 97 and Word 2000 documents. The compnay says the virus works by lowering the security setting to the lowest level by modifying the registry and will disable the Word menu commands (MacroSecurity) which allows the user to reinstate security settings.