If you're afraid to open your e-mail after hearing about the Love Letter worm/virus and its copycats, you're not alone. Many types of e-mail attachments have been infected, hidden or destroyed recently -- not only Microsoft Office documents, but JPEG graphics files, MP3 files, etc.
A worm is a type of virus that moves on its own, transferring itself from system to system by e-mail and other file transfer methods. A trojan horse virus enters other software, such as Microsoft Office macros, and executes when a macro is invoked.
All computer users at MIT should take responsibility for protecting against computer viruses. Viruses can infect not just one person's vulnerable computer but all users on that person's server, network, or -- as in the case of the Love Letter virus -- all users in a person's e-mail address book.
Network and server administrators need to be especially vigilant, as they are prime targets of virus attacks.
Most importantly, users should keep their virus protection software up to date by the following means:
ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ Download the latest version of VirusScan, NetShield or Virex for Macintosh from the MIT Security Office virus protection web pages. MIT has a volume license that allows everyone at MIT to use the highly recommended virus protection products from Network Associates and its divisions, McAfee/AVERTLabs and Dr. Solomon.
ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ Obtain the latest updates -- virus definition/signature files -- using the VirusScan Console. (Macintosh users can download from the vendor's site.) Virus definition/signature files contain a description of each known virus, so they need to be updated when a new virus appears. The MIT virus protection web pages provide update instructions for each platform.
ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ Windows users: Obtain the latest version of the VirusScan scanning engine, also using the VirusScan Console. The scanning engine is the part of VirusScan that searches for viruses and virus-like behavior.
The MIT virus protection web pages also provide access to improved PDF versions of the VirusScan, NetShield and Virex user guides, making it easy to find additional details about the products.
Keep up with the latest viruses and anti-virus software update/upgrades by checking the virus protection web pages. Go to the news section and the section for your platform. Users may also subscribe to the MITVIRUS e-mail notification list.
Other ways to protect yourself: do not open e-mail attachments from unknown senders, and do not open an attachment without confirming its validity with the sender.
TIPS FOR WINDOWS USERS
Because so many recent virus attacks have targeted Windows computers, additional protective tools are available:
ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ Keep the VirusScan scanning engine (which searches for viruses) up to date.
ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ An updated virus definition file is released each Thursday, so you can configure VirusScan to do weekly auto-updates on Fridays. When Windows virus definitions need an urgent interim update, an "extra.dat" file is made available on the web for download and announced to the MITVIRUS e-mail alert list mentioned above.
ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ Configure VirusScan so it scans all file types and so it scans e-mail.
ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ If you're not using Windows Scripting Host (WSH), disable it.
ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ Don't open any files whose extensions have ".vbs" added at the end. For example, an extension such as ".jpg.vbs" is a sign of infection.
Find out more about variants of the Love Letter virus at the Department of Energy's computer alert web page.
Users can download anti-virus software provided by the MIT virus protection web site from anywhere in the world using MIT certificates. This lets you guard against the newest viruses when you are travelling or away for the summer.
A version of this article appeared in MIT Tech Talk on May 17, 2000.