Users who practise safe computing have nothing to fear from Melissa-X

January 19, 2001 Sophos Press Release

Sophos Anti-Virus, a world leader in corporate anti-virus protection, has announced that users practising safe computing have nothing to fear from the Melissa-X virus. However, users without the latest version of their anti-virus software may be unable to detect the virus.

The virus, a new version of the first mass email virus, Melissa, which first hit in 1999, is spreading as an infected word document created by the latest version of Microsoft Word - Word 2001 for Macintosh. Although the attachment - anniv.doc - is a Word 2001 document, the virus will affect users of older version of Word on both Macintosh and Windows systems and Sophos is urging users to be vigilant.

"This is a wake-up call for anyone who thinks viruses happen to other people," said Graham Cluley, senior technology consultant at Sophos Anti-Virus . "Everyone should be employing safe computing practices. My message is simple - stop opening unsolicited attachments; start treating your computer with the respect it deserves."

Sophos Anti-Virus was one of the first anti-virus companies to announce an update for the virus. Users of other anti-virus vendors may experience problems because the Melissa-X is written in the very latest version of Word and their software may not be able to scan for the virus.

"Unless users have the very latest version of their anti-virus software, they may not be able to detect the Melissa-X virus, even with a patch," added Cluley. "Some anti-virus vendors let their users keep an old version of the software and just update the identity files for new viruses. this works fine most of the time but in cases like this it can be a real problem."

Sophos Anti-Virus updates its software every month and sends a completely new version to every customer on CD. Incremental updates for new viruses are also available to be downloaded from the Sophos website.

Sophos advises users to check their vendor's websites for the latest patches and ensure they are running the latest version of their anti-virus engine.

The Melissa virus was released in 1999 and was written by David L.Smith in the USA. It was one of the first viruses to successfully spread itself by email. Virtually all mass mailing viruses have based themselves upon Smith's code. Smith himself was caught and found guilty of causing more than 80 million dollars of damage in 1999. However, he is still awaiting sentence.