The Melissa virus has hit at least ten major corporations in the US since Friday and by lunch time today, UK experts believe several corporate networks in Britain could be hit. Anti Virus company, Dr Solomons, has been dealing with calls all morning.
Kevin Street, technical director at Symantec, makers of Norton Anti-Virus, says UK corporates are at risk of "severe embarrassment and possibly legal risk" if the virus spreads from company to company and across into Europe. "Countries like Germany have very strict legislation dealing with the distribution of viruses," says Street. "If company A in the UK sends company X in Germany an email that contains the virus and say lists of adult web sites, the UK company could be held legally responsible."
Street told ZDNet News that he knew of at least ten "big corporates" in the US that had been affected since news of the virus broke late Friday. In a stark warning to British companies using the Internet, Street said, "there is no reason why this virus shouldn't hit the UK".
According to Street, "several" UK firms have been working this weekend to fix the problem -- some of them have resorted to bringing their Exchange servers down to ensure they are not affected.
Symantec has a fix for the Melissa Virus which can be downloaded using the Live Update function in Norton AntiVirus.
Reports from Dr Solomon's also suggest the Melissa virus is affecting UK businesses. According to technology consultant Lee Fisher the virus has "got everywhere" and technical support phone lines have been "clogged" with users affected by the virus.
Fisher warned that anyone who uses Microsoft Outlook could be affected. "As well as home users, we have had a lot of calls from corporate customers, including some large UK-based companies," says Fisher.
Meanwhile, another leading anti-virus expert says Melissa has exposed the fact that Microsoft has too few controls in its Office environment.
Dr Jan Hruska, technical director at Sophos UK, says Microsoft should design software with better controls, rather than "piling up functionality regardless of whether users need really need it". Hruska says "it's like distributing guns on the street corner. They can be useful, but in the wrong hands can be dangerous. Microsoft has poor control of functionality and users are paying for it."
Although the virus cannot destroy data, he warns the affect on corporate networks can be significant and claims the virus could clog up the Internet. "Society depends on email, so if the spine of your corporate existence is threatened then it's serious."
Hruska says the timing of the Melissa virus release was devious: "Where Melissa comes from is anyone's guess, but whoever posted it on Friday thought the anti-virus companies would be asleep over the weekend."
Sophos has posted a fix at its web site.
Scotland Yard's computer crime unit warned users to be extra vigilant. "It's down to good, common sense . Ensure you have anti-virus software, that's updated regularly. If you're not sure about who an email's from, do not open it," says a spokesman from the unit.