The WinWord.concept virus has taken root as the most common virus around today and is spreading quickly, according to a preliminary survey of corporate and government end-user sites prepared by the National Computer Security Association (NCSA), an association of utility vendors.
Ninety percent of the 350 attendees at an NCSA security conference in January said they encountered a WinWord.concept virus in the last year; at the same conference, eight out of ten large corporate sites, including Microsoft, reported having experienced the WinWord.concept virus in the past three months.
The WinWord.concept was first detected last July and is part of a new class of computer viruses called "macro viruses," which are designed to infect the macro language in Microsoft Word. There are about five other known macro viruses, but the WinWord.concept virus is by far the most common.
According to Peter Tippett, president of the NCSA, the WinWord.concept virus
has become so prevalent for several reasons:
--it infects, attaches to, and travels with document files that are meant to be shared with other users;
--most networks do not naturally inhibit macro virus replication;
--the host requirements that support replication of word macro viruses are ubiquitous;
--Word documents, the carrier of the virus, commonly travel as attachments to email;
--most antivirus strategies used by most companies do not account for viruses that travel with documents.
Several antivirus utility vendors, including Symantec and IBM, have already released packages that can detect and destroy macro viruses. But by virtue of traveling through email, the concept virus can sneak through unless the entire network is inoculated.
NCSA is preparing a description of strategies for dealing with the concept and other macro viruses and the costs, strategy, and basis for the problem. It will be available on April 1, along with the full survey results.