WinPost News


Copyright 1996 Michael Newcomb

Excel and Word viruses

You've probably heard of this problem, but it's important enough that I decided to cover it here.

It's long been an accepted online truth that you can't catch a virus just by opening a document; you have to actually run a program. For this reason, people thought they were safe as long as they never launched a program without knowing where it came from.

Well, it's still very sensible to be suspicious of executable files, but there's now a new class of virus that can attack you if you do something that's long been considered safe: open a word processor or spreadsheet document.

The most famous virus in this new group is the Word "Concept" virus. It's more a nuisance than an actual danger, but it's very hard to get rid of. Worse, you can be re-infected just by opening an infected document. Accordingly, Concept tends to spread through corporate networks like a rash, breaking out over there just as you clear it up here.

How do these new viruses work? They take advantage of a convenience feature common to most advanced desktop applications: the built-in macro language. In Word, for example, it's possible to give a macro a special name that will cause it to be executed automatically whenever the document containing it is opened. That's how the virus attacks you: when you open an infected document, the macro runs, infecting your system. From then on, whenever you save a document and send it to someone else, that document will carry the virus.

Unlike supposedly-secure languages such as Java, the macro languages in today's productivity applications have almost unrestricted access to the operating system. For example, a WordBasic program can delete files, run system commands, launch other applications, and so on. This access makes document-carried viruses very dangerous, even though they are often written in "toy" languages like WordBasic.

Anti-virus software manufacturers are only now beginning to cope with this new threat. The most comprehensive protection currently comes from Symantec's Norton Anti-Virus, but other vendors are sure to catch up.

The most widely-publicized viruses affect Microsoft's Word and Excel. A dozen or so such viruses have been found so far. However, other applications aren't immune. Almost any program that has a macro language is a potential target, so it's wise to be careful.

Part of the problem with document-borne viruses is that many people don't know about them or understand how they work. Until more people are educated, it makes sense to take precautions even when receiving a document from a friend.

What can you do to protect yourself? First, if you haven't already done so, purchase an anti-virus program. Make sure it protects against document-borne viruses. If you already have an anti-virus utility, there's probably an update available online designed specifically to combat this kind of virus.

You can also take common-sense precautions against infection. For example, if someone mails you a document, even someone you know, open it with a document viewer instead of the "native" application. Or, use the "native" application to create a new document and then use the "copy" or "insert file" command to copy the original document's contents without actually "opening" it.

A third choice is to ask people to save their documents in a format that can't carry viruses. From Word, you might choose RTF, which can reproduce most Word formatting but can't transmit Word viruses.

Another thing to avoid is the "open enclosure" command in your mail program or Web browser. These commands will typically launch the "native" application to view a mail enclosure or Web link, allowing you to be infected before you realize what's happening. Eudora Pro, for example, allows you to "launch" attachments just by double-clicking their filenames; it's a quick and convenient feature, but dangerous to use carelessly in these times.

Where does the danger lie? Nearly all word processor, database, presentation, and spreadsheet files created by recent applications (Microsoft or not) can carry document-borne viruses in one form or another. HTML files can carry viruses, but you can protect yourself by turning off Java and Javascript in your browser, which might not be a bad idea in any case. Graphics files, such as GIF and JPEG images, cannot carry viruses. Nor can ASCII text, such as a plain e-mail message.

As in any other virus scare, it's important not to panic or blow the situation out of proportion. Nevertheless, it's wise to be on the lookout, especially if you spend a lot of time in a networked environment. It's all too easy for document-borne viruses to spread over a corporate or academic network.

Free Net software from Microsoft

As a part of Microsoft's ongoing effort to scrag competing Internet vendors, Bill's minions have set up a site full of free Web software, at least until September 15. If you visit the site, you will have to fill out a rather lengthy and impertinent form, but you can then download things like:

As you may know, I'm not much of a fan of Java, and I already have a fairly complete set of Web tools, so I chose not to fill out the blasted form. If you're thinking of setting up a small Web server, or you'd like to test Web things like CGI on your own machine, you might want to download FrontPage, but otherwise I remain suspicious of this free offer, fearing the blizzard of junk e-mail that may ensue.

Anyway, make your own decision; the site's at:

Microsoft Internet Explorer 3

The final version of Microsoft Internet Explorer 3 is now available. It seems to offer nearly all the features of Netscape's Navigator and, of course, remains free. I continue to use Netscape's latest beta as my browser, but I wouldn't pay for it; if I ever reach the point that I have to pay for a Netscape browser, I'll switch to Internet Explorer.

To entice new users, Microsoft is planning to offer free access (through the end of the year) to several services that normally charge a subscription fee, including The Wall Street Journal Interactive Edition. If you're interested in one of these services, switching to Internet Explorer can be well worth while: not only is IE free, it can actually save you money.

Infoseek Ultra

Infoseek has long been one of the most popular search engines on the Web. Until very recently, however, Infoseek's search engine was clearly outclassed by Digital's brute-force Altavista. That is about to change.

Infoseek has introduced a new searching tool called Infoseek Ultra. This new engine promises the exhaustiveness of Altavista coupled with a much more "intelligent" query engine.

As anyone who has used Altavista can testify, the latter is unrivaled at finding any use of a particular word or phrase on the Web. However, Altavista is not very skilled at evaluating how well pages match your search, or at "fuzzy" matching.

For example, if you use Altavista to search for Microsoft, you would probably get more than a million matches. Microsoft's home page, which is probably what you want, might be deeply buried.

Ultra tries to rank search results more sensibly, so the Microsoft Home Page would be near the top of the results list. It also works much harder to eliminate duplicates than Altavista.

Ultra can also discover many matches that would never occur to Altavista. For example, if you search for the number "1,000," Ultra will also find pages containing "1000."

Ultra searches are quite quick and the database seems to be updated with commendable speed. Infoseek claims that the new engine watches sites and determines how often they are updated, watching "static" pages less often than frequently-changed documents.

The only major disadvantage to using Infoseek's engines are the advertisements, which frequently take quite some time to download. Altavista, which is itself a sort of advertisement for Digital Equipment, is blissfully free of commercial interruptions.

Altavista used to be my favorite search engine, but I've begun to use Ultra more and more frequently. Give it a try!

DCI's Internet Expo

DCI is bringing the Internet Expo, which incorporates the Web World and E-Mail World expositions, to Boston's Hynes Convention Center on October 16-17, 1996. The company promises that there will be more than 500 exhibits.

Until September 23, you can register online for a free exhibits-only pass at DCI's Web site.

PowerToys and KernelToys

If you're a Windows 95 user, you should probably have a copy of Microsoft's PowerToys and KernelToys. These two sets of programs allow you to change many things about how your system works. For example, you can get rid of the "undeletable" things on your desktop, prevent the words "Shortcut To" from appearing on all your shortcuts, change your display settings without rebooting, and so on.

The only downside to the Toys is that there isn't much documentation provided on how to use or install them. Nevertheless, if Windows 95 is your main operating system, I strongly recommend making the effort to install the Toys.

The Toys are even more useful with the Microsoft's recent enhancements. Pick them up today!

Iomega Zip Tools

If you own an Iomega Zip or Jaz drive, you may want to download the new Zip Tools Version 5, which is available for free from Iomega's Web site. This new version includes updated drivers for Windows and the Macintosh, along with new backup and application-mover tools.

The only problem with the upgrade is accessing Iomega's upgrade site. It has been severely overloaded of late, with the six-megabyte download file either inaccessible or transferring maddeningly slowly. If you have access to America Online (keyword: Iomega) or the Microsoft Network (go: Iomega), you'll probably be better off downloading from the Iomega forum. You can also get the Zip Tools from Iomega's bulletin board system at (801) 778-5888.


If you haven't heard about this, you've probably been living in a sarcophagus, but just in case, id Software has released its long-awaited successor to the killer (literally) computer game "Doom." Doom has long been one of my favorite ways to release pent-up aggression; the only way to play Doom is to kill everything that moves.

The new version is called "Quake." Though id implies this is a new game, it's really a sequel to or variant on Doom: you still use a variety of weapons to kill supernatural enemies. Quake, however, takes the Doom idea to a new high.

First of all, Quake gives a much stronger impression of three-dimensionality than Doom did. The program renders surfaces and combatants very quickly. Explosions and weapons fire are impressively realistic. Monsters gush blood when they're shot; with luck, you can even get the monster's head to roll across the floor.

Quake is incredibly responsive; you can swivel in all directions in a way that seems "just like being there." This version features a well-designed multi-player option and runs well on DOS or under Windows 95. You do need a fast machine and at least 8MB of RAM (DOS) or 16MB (Win95). If you liked Doom, you'll probably love Quake.

Quake is also an interesting exercise in greed. The downloadable version contains only the first of the game's four levels. To access the other levels, you will have to pay forty-some dollars directly to id. The same applies for the Quake CD-ROM that will be sold in stores: you pay the store for the first level, but the others are encrypted. You'll have to purchase a key from id to access them.

By selling the program this way, id cuts out the middleman. The generic price for computer games these days is more or less $40, and that's still what you'll pay for Quake. For most games, though, the computer store or mail-order house you buy from gets a big chunk of your forty dollars. Further, they can cut prices to bring in customers, etc.

By forcing you to pay directly, id is making a cheeky grab for your gaming dollar. The stores will have to make do with whatever margin they can make on the $10 price of the Quake CD-ROM; id will get the lion's share of any profits from the game.

It's quite an idea. I'm not sure whether I approve or not. On the one hand, id is giving away a pretty good computer game: the first level of Quake. There are no time or usage restrictions on the first level, so you get a pretty good idea of whether or not the game interests you. Quake is a tough game; many users may never get off the first level, meaning that id will see no money whatsoever from them.

On the other hand, id stands to make a lot of money from people who want to go on to the later levels, much more than game manufacturers typically do. This model also hurts computer stores by denying them reasonable profits in exchange for shelf space and advertising. Whether or not CompUSA deserves sympathy is up to you.

Quake may turn out to be the model for future game distribution. Games are currently not very lucrative: building a good computer game takes an enormous amount of programming time and talent, yet people won't buy games if they retail for more than $50. It's a sad commentary, really, since many contemporary games contain as much code and ingenuity as productivity programs for which people unhesitatingly pay hundreds of dollars.

There may be one loophole in id's plan: I've already heard rumors on the Internet of ways to "break" the encryption of the later levels on the Quake CD-ROM. For the moment, these are probably just hacker boasts. Sadly for id, many of the game's most addicted fans are also prone to hack; if anybody finds a way to play Quake without paying for it, Doom could be doomed.

However, if id can make this "pay me" financial model work, we may see a renaissance in the game sector. Proving that a game can make lots and lots of money for its developers is the best possible way to lure investment into the field.

WordScan now OmniPage

If you are a user of Calera's WordScan OCR product, you should be aware that WordScan will no longer be upgraded. Caere, manufacturer of the WordScan's rival OmniPage 7.0, has merged with Calera, so if you are a WordScan owner, your only option is to upgrade to OmniPage.

Norton news

As noted above, Symantec has brought out a new version of Norton Anti-Virus for Windows 95. Among other things, this version is specifically designed to combat viruses found in application documents, such as Word and Excel files.

The new version includes "live update" technology to permit you to upgrade your virus protection at any time over the Internet. It features protection against polymorphic (or "mutating") viruses and offers a "repair wizard" to guide you through the virus-removal process.

There's also a fairly new version (7.5) of Symantec's remote access product, pcAnywhere32 for Windows 95. This version offers faster file transfers, session launching from Web browsers, ISDN support, IrDA (Infrared Wireless) connection, and more multi-session options.

Fast Find

Symantec is also beta-testing a new Internet searching utility, Internet Fast Find. This program submits a search to several Internet search engines, eliminates any duplicate links, and presents you with the results. It's an interesting program, and possibly worth a try, though I find search engines like Infoseek Ultra will find nearly anything I need.

There are several programs along the lines of Fast Find, but I have yet to see a program that helps actually people find things on the Internet. Most of the times, the engines will report either 100,000 hits or none; the trick is figuring out how to search effectively.

New drivers

Recently released or upgraded drivers:


[Home] [Previous] [Table of Contents] [Next] [Feedback]