Mac users hit by Melissa macro virus

She's back...

  • alert
  • submit to reddit

Updated (again) The infamous Melissa virus, which caused so much mayhem among the world's Windows users a couple of years ago, has struck again. And this time the targets are Mac users.

US ASP Messagelabs.com has being registering a number of Melissa outbreaks among users of Microsoft's Mac:Office 2001, according to MacCentral. The infection apparently began in the UK and Office 2001 documents containing the Microsoft Word macro virus quickly turned up elsewhere.

Melissa first struck in March 1999. Infected Word 97 and Word 2000 documents activate the illicit macro which them emails a document containing its own code and a list of 80 porn sites to the first 50 names in the user's Outlook address book.

Mac:Office 2001 has been around since late last year, so it's odd that the virus should have re-appeared now. The likely suspect in this case is not Office but Outlook. Microsoft released a public Outlook for Mac beta at MacWorld Expo last week, and we wonder whether it's that that has provided long-infected documents with a path to other systems.

Indeed, the original Melissa outbreak missed Mac users largely because they all use Outlook Express - which, lacking Outlook's Visual Basic support, can't spread Melissa further. The more network-oriented Outlook wasn't then widely available for the Apple platform.

This new outbreak sends a message with "Important Message From xxxxx" as the Subject line and "Here is the document you asked for .. don't show anyone else ;-)" as the message. The virus-containing enclosure is called anniv.doc, though we note that the original Melissa virus' enclosure was called list.doc.

Whatever, Mac users should keep a very close eye out for the message and kill it immediately.

Symantec and McAfee, the two chief producers of Mac anti-virus softare, have both acknowlegded the presence of the virus. Symantac said it would release a fix for its Norton Anti-Virus for Mac product later today. Until then the software will spot the infection but not remove it.

And both Sophos and F-Secure have jumped in with their own products. Sophos today released a patch for its virus scanner. ®

Related Stories

Melissa virus threatens to bring email to a halt
Serial numbers unmask Melissa author
Melissa programmer freed on bail


Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
HP ArcSight ESM solution helps Finansbank
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.