Virus Alert -- Beware of File Attachments

It's even more important now that Microsoft has revealed a previously unknown security hole in Windows that a group of hackers have exploited with a virus, called Duqu, that attempts to trick computer users into opening an infected Microsoft Word file attachment by making it appear as if it came from a friend.

Neither Microsoft nor anti-virus software companies currently have an effective antidote to the Duqu malware.

The Duqu malware spreads by infecting a computer, opening the infected user's address book, and then sending the infected Word file on to the users in the address book, knowing that many of those recipients will unwittingly open the file attachment because they think it's from a friend.

By infecting many computers, the hacker can use the infected computers as an "army" to attack larger computing systems such as corporate or government systems. That is believed to be the motivation behind the Duqu malware, which bears similarities to a virus that compromised Iran's nuclear program.

The virus can only infect your computer if you open the infected Word document. Your computer will not be infected simply by opening the email that contains the infected attachment. You must open the attachment ... thus, my warning not to open file attachments that you weren't expecting unless you have confirmed who it came from.

This particular virus is known as a Zero-Day Exploit, meaning the virus was developed before Microsoft knew about the security hole that the virus exploits.

Microsoft knows about the virus now and is working toward a security update to patch the security hole that Duqu exploits.

In closing, don't open file attachments from people you don't know, and only open file attachments from people you do know if you were expecting the file attachment or have confirmed by phone or email that it is indeed a valid email.