NEW YORK - If you have computer files you'd rather not lose, now is a good time to make sure your anti-virus software is up to date. A worm set to activate Friday will corrupt documents using the most common file types, including ".doc," ".pdf," and ".zip."
Hundreds of thousands of machines are believed to be infected, mostly in India, Peru, Turkey and Italy, said Mikko Hypponen, chief research officer for Finnish security company F-Secure Corp.
The worm, known as "CME-24," "BlackWorm," "Mywife.E" or a number of other monikers, even tries to disable anti-virus software that is out of date, he said.
Thus, users should make sure their software is turned on and has the latest definitions, generally available for free from the software vendor's Web site. F-Secure also has created a free removal tool.
"If you are infected, and you find out about it today, you still have time to get rid of the virus," Hypponen said.
As worms go, the spread of BlackWorm is relatively low. But worms these days are generally designed to help spammers and hackers carry out attacks, not to destroy files as this one does. So the impact this time may be more severe.
Microsoft Corp. issued an advisory Tuesday warning customers about the worm, which affects most versions of its Windows operating system.
Users should be safe if they have the latest anti-virus software or if their computers are set with limited privileges, a common setting in larger organizations. They are vulnerable if they, like many small business and home users, leave their computers set with full administrative rights.
And users should check the date on the computer. The worm hits the third of every month, so if the computer's local calendar settings are off, Hypponen said, files may be destroyed sooner or later, even if the computer is never turned on Friday.