Virus Protection Without it--you're inviting trouble

by David Orenstein free-lance writer

Dismiss the summer’s plague of the Sobig.F and Blaster worms as old news at your peril. They weren’t the first and they won’t be the last, especially if millions of PC owners continue to leave their machines unprotected. More worms and viruses are guaranteed.

If you still haven’t protected your PC, you should now. Use what follows as a guide. The steps are simple and inexpensive, and you probably have heard them before. Leaving a PC vulnerable is like smoking: It is to invite trouble that is powerless without the invitation.

For example, the Sobig.F worm became the fastest-spreading malicious program in history, replicating a million times in 24 hours, even though it was entirely avoidable. The worm required users to double-click on a file attachment to an e-mail as a means of spreading the virus. Once an unwitting user did so, the worm stole an e-mail address from the victim’s address book and sent e-mails with infected attachments that appeared to come from the stolen address.

With seemingly innocuous subject lines in those messages such as, “Re: Details,” it seemed harmless for recipients to open the attachment, but those recipients violated an often-repeated, seldom-heeded rule of using e-mail: Never open an attachment you are not expecting, especially if the file is executable (ends in the extensions “.exe,” “.com,” or “.vbs”). Make sure your office staff knows this, also.

Attachments that are Microsoft Office documents also might be harmful if opened because they can take advantage of the programming language that lets Office power users run macros. To render attachments with extensions of “.doc,” “.xls,” or “.ppt” harmless, you should make sure Macro Virus Protection is turned on. How this is done varies in different versions of Office. In some versions you need to go to the “tools” menu, choose “options,” click the “general” tab, and make sure the “Macro Virus Protection” box is checked. In Office XP, choose “tools” and then “options,” but click instead on the “security” tab, then click the “Macro Security” button and select medium or high security.

Although e-mailed file attachments have become a common way for viruses and worms to spread, they are not the only means. The most important way to thwart viruses is to buy antivirus software and keep it up to date. The most popular packages are produced by Network Solutions (us.mcafee.com) or Symantec (www.symantec.com). Symantec’s Norton Antivirus, for example, will scan incoming and outgoing e-mails for viruses, as well as any and all files on a computer’s hard drive. It also will block malicious scripts (little programs that can live on Web sites) from starting. If it finds a virus or a worm, it eliminates it.

Buying the software is only half the battle, however. You must keep it up to date with a subscription so you can keep the software abreast of the fast-paced changes of the virus world. If you bought antivirus software in February but did not subscribe, you likely would not have received the update that armed the software against Sobig.F and Blaster.

Speaking of updates, keep Windows updated by visiting http://windowsupdate.microsoft.com frequently. Security companies constantly are finding ways hackers can exploit Windows, and Microsoft puts the fixes there.

Finally, buy and install firewall software, which also is sold by Network Solutions or Symantec. Users with Windows XP simply need to enable the one built in (see www.microsoft.com/security/protect/). A firewall blocks unauthorized programs on your computer from communicating with the “outside world.” Microsoft says that a working firewall is essential to protecting PCs.

Take these steps and your PCs should remain relatively safe (nothing is absolute). If your PCs are safe, then your practice will be safer, too.

David Orenstein is a technology and business writer in Silicon Valley. To learn more about a technology topic in Computing Care, e-mail him at davealli@comcast.net.