Just like its progenitor, the Word macro virus, the Excel macro "Laroux" virus replicates itself each time a new document is created. This strain of the macro virus doesn't have a destructive payload, according to McAfee, but could corrupt other files.
"There is no need to panic. This is just one of hundreds of viruses discovered each month," a McAfee represenative said. "These macro viruses are just too easy to create."
NCSA, an organization that tracks viruses, confirmed the reports. The organization said that a crippled, uninfectious version of the virus has in fact been circulating among anti-virus tool developers for several weeks. A researcher at Command Software, another anti-virus software maker named the virus.
NCSA also said in a prepared statement that the virus is "less worrisome" than Winword.concept, a Microsoft Word macro virus that has become the most prevalent known virus, and is likely to be easier to control, partially because past experience in developing protection against Word macro viruses will help speed development of protection against Excel viruses. The NCSA predicts it will be several months before the virus becomes more widespread.
McAfee, meanwhile, says that the virus doesn't announce itself but that the "Unhide" function of Excel will reveal the macro in a hidden worksheet. McAfee has also posted to its Web site a free "evaluation" version of its VirusScan software for Windows that will detect the virus. The company is working on a version that will actually remove the virus for delivery by the end of August.
Kirstin Larson, group product manager for Microsoft Excel, says Microsoft is also aware of the virus and will post a free tool on a Web site within 48 hours that detects the virus. She added that the company is working to eliminate the nuisance altogether by building technology into the next release of Excel that will help prevent macros from executing and infecting documents.
A spokesperson for McAfee's competitor Symantec says it will also be updating its anti-virus program to target the new virus, but wouldn't specify a release date because Symantec programmers haven't actully looked at an example of the virus yet.
Symantec ready for Java virus to hit