An e-mail sent out last week from a “spoof” e-mail account with a Stars and Stripes return address does include a virus in an attached file, computer security experts said Wednesday.
A security check by Symantec Security concluded that a virus was embedded in the Excel file attached to the message with the subject line “FY07 Proposed 2.2 Increase Military Pay Chart.”
The message contained two attachments — a falsified story attributed to a nonexistent Stripes reporter and the Excel spreadsheet — and was sent from an unknown computer server outside of Stripes control.
According to the Symantec diagnosis, computer users who believe they received the file should delete the file “Paychart-FY07.xls” and any “rbackup.doc” files on their computers.
“You can tighten your security settings (menu Tools/Macro/set ‘High’ in Excel),” the Symantec report read. “Also, please patch your Office suite ASAP, when Microsoft releases a patch for the recent 0day vulnerability exploiting a VBA flaw in their programs.”