I heard that a virus is out that will automatically open the infected

I heard that a virus is out that will automatically open the infected file attachment when you simply click on the message. Is this true and if so, how do I protect myself from it?
- Edward

This question was answered on December 3, 2001. Much of the information contained herein may have changed since posting.

The most recent widespread virus/worm is known as the 'W32.Badtrans.B@mm¹ and it has taken propagation methods to a new high Based on the number of infected messages that have I have received in the last 10 days it has proven to be an effective worm

The basic difference between a virus and a worm is a virus requires human interaction of some sort to spread and a worm is capable of propagating on its own

In most cases, simply reading an e-mail message will not allow you to contract a virus Most virus/worm code is hidden in attachments that accompany e-mail messages

In most cases, you must open the attachment in order to contract the virus/worm, but not in the case of the W32.Badtrans.B@mm mass mailing worm

It takes advantage of a vulnerability in Microsoft¹s Outlook and Outlook Express that instructs your e-mail program to automatically open the attachment when you open the message

The good news is that this worm is not very destructive; the bad news is that it can monitor your system and steal valuable information that you type in such as account numbers or passwords

Catching the worm is fairly easy as long as your anti-virus program is up-to-date, but the reality is most casual home users are not very diligent in keeping their protection updated As a general rule of thumb, you should be updating your anti-virus program at least once a month, more often if you deal in dozens of e-mail messages a day

As with all mass-mailing worms, this one will begin to randomly send itself (whether you have your e-mail program open or not) to everyone in your address book Those of you with Œalways on¹ high-speed connections can spread this worm in high-speed as well, because it uses some internal Windows components to silently send itself to all of your contacts

One of the theories for why this worm has spread so quickly has to do with the holiday season This is traditionally the time of year that we get lots of holiday related e-mail from friends and family, which may cause some of you to let your guard down

The first step in protecting yourself from this and all future worms that attempt to exploit this 'hole¹ is to download the free fix from Microsoft and keep your anti-virus program updated

The following is list of links that will help you protect yourself from the W32.Badtrans.B@mm:

To fix the exploit, you can download a patch at:

<a href="http://www.microsoft.com/technet/security/bulletin/MS01-020.asp" target="_blank">>http://www.microsoft.com/technet/security/bulletin/MS01-020.asp</a>

Detection, protection and removal instructions can be found at the

following sites:

Norton Anti-virus users can get more info at:

<a href="http://www.sarc.com/avcenter/venc/data/w32.badtrans.b@mm.html" target="_blank">>http://www.sarc.com/avcenter/venc/data/w32.badtrans.b@mm.html</a>

McAfee Anti-virus users can get more info at:

<a href="http://www.mcafee.com/anti-virus/viruses/badtrans/default.asp?cid=2607" target="_blank">>http://www.mcafee.com/anti-virus/viruses/badtrans/default.asp?cid=2607</a>

Trend Micro users can get more info at:

<a href="http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=WORM_BADTRANS.B" target="_blank">>http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=WORM_BADTRANS.B</a>

Another way to reduce your chances of being a victim of a large number of e-mail viruses and worms is to use an alternative e-mail program such as Eudora or HotMail Outlook and Outlook Express are the most commonly used e-mail programs; therefore malicious virus writers target them more.