Virus hits Chinese versions of Windows, Word
Users of some Chinese-language Microsoft software are at risk of losing all their data as a new virus hits the Net for the month of July, according to a computer security firm.
The virus W97M_AUTOEXEC, or "July Killer," originates in China, according to Trend Micro. Written in Visual Basic, a Microsoft programming language integrated into the Office product line, it affects users of Chinese Windows, a localized version of the Microsoft operating system, and spreads through Chinese Word 97 documents.
"Unless users are running Chinese Windows or frequently exchange word documents with Chinese Windows users, this virus is not considered an immediate threat," Trend Micro advised on its Web site. The company has updated its antivirus software to protect against July Killer.
Microsoft had not yet seen the virus as of this morning. But Neil Charney, group product manager for Microsoft developer tools, noted that when users receive viruses or other code through word attachments, Office 97 presents them with a dialog box alerting them that there is potentially damaging code in the document so they can choose not to run the macro.
A macro is a small chunk of code that can automate tasks like formatting. But macros also can execute malicious actions and spread themselves as viruses.
When recipients of the virus open an infected document, they are presented with a question and given three chances to answer, according to Trend Micro. Possible results include the messages, "You are wise, please choose this later again, critically," "Congratulations," and "Stop it! You are so incurable to lose 3 chances! Now, god will punish you?"
"Punishment" consists of deleting all the files on the c:\ drive on rebooting the computer, the security firm said.