Strange as it may sound, the computer virus is something of an Information Age marvel. On one hand, viruses show us how vulnerable we are as properly engineered viruses can have a devastating effect, disrupting productivity and doing billions of dollars in damages. On the other hand, they show us how sophisticated and interconnected human beings have become.
By understanding the nature of computer viruses, you can learn how they work and understand how to protect yourself from them.
A virus is a small piece of software that piggybacks on real programs. For example, a virus might attach itself to a program such as a spreadsheet program. Each time the spreadsheet program runs, the virus runs, too, and it has the chance to reproduce (by attaching to other programs) and wreak havoc.
An e-mail virus travels as an attachment to email messages, and usually replicates itself by automatically mailing itself to dozens of people in the victim’s e-mail address book. Some e-mail viruses don’t even require a double-click, they launch when you view the infected message in the preview pane of your e-mail software.
Virus authors adapted to the changing computing environment by creating the e-mail virus. Someone created the virus as a Word document and uploaded it to an internet newsgroup. Anyone who downloaded the document and opened it would trigger the virus. The virus would then send the document (and therefore itself) in an e-mail message to the first 50 people in the person’s address book. The e-mail message contained a friendly note that included the person’s name, so the recipient would open the document, thinking it was harmless. The virus can then create 50 new messages from the recipient’s machine.
Viruses take advantage of the programming language built into Microsoft Word called VBA, or Visual Basic for Applications. It is a complete programming language and it can be programmed to do things like modify files and send e-mail messages. It also has a useful but dangerous auto-execute feature. A programmer can insert a program into a document that runs instantly whenever the document is opened.
Microsoft applications have a feature called Macro Virus Protection built into them to prevent this sort of virus. With Macro Virus Protection turned on (the default option is ON), the auto-execute feature is disabled. So when a document tries to auto-execute viral code, a dialog pops up warning the user.
Unfortunately, many people don’t know what macros or macro viruses are, and when they see the dialog they ignore it, so the virus runs anyway. Many other people turn off the protection mechanism. So the virus spreads despite the safeguards in place to prevent it.
You can protect your computer or documents against viruses with a few simple steps:
If you are truly worried about viruses, you should be running a more secure operating system like UNIX. You never hear about viruses on these operating systems because the security features keep viruses (and unwanted human visitors) away from your hard disk.
If you are using an unsecured operating system, then buying virus protection software is a nice safeguard.
If you simply avoid programs from unknown sources (like the Internet), and instead stick with commercial software purchased on CDs, you eliminate almost all of the risk from traditional viruses.
You should make sure that Macro Virus Protection is enabled in all Microsoft applications, and you should NEVER run macros in a document unless you know what they do. There is seldom a good reason to add macros to a document, so avoiding all macros is a great policy.
You should never double-click on an e-mail attachment that contains an executable. Attachments that come in as Word files (.DOC), spreadsheets (.XLS), images (.GIF), etc., are data files and they can do no damage (noting the macro virus problem in Word and Excel documents mentioned above). However, some viruses can now come in through .JPG graphic file attachments. A file with an extension like EXE, COM or VBS is an executable, and an executable can do any sort of damage it wants. Once you run it, you have given it permission to do anything on your machine. The only defense is never to run executables that arrive via e-mail.
Saving in RTF (Rich Text Format) data document type not word document. Appreciate that RTF does not spread viruses. Microsoft Word macro viruses can present big security problems on the Internet. If you send RTF files instead of DOC (Document Files) files by e-mail, you can ensure that harmful macros won’t be inadvertently sent to others, but that most of your formatting will be preserved. Since RTF does not use macros, it cannot hide macros that might contain viruses.