IT Services

Viruses Spread by Email

Email is now the most common way that viruses are transmitted between computers. The most common mechanism for this is in the form of an "attachment" to the message. The attachment facility is normally used for emailing documents, images, and so on. However, it is also possible for attachments to contain programs which get run when the attachment is opened.

The most basic steps to protect yourself against email virus attack are:

Install anti-virus software and keep it up-to-date.
OUCS currently recommends the Sophos anti-virus software which is available for a variety of systems including Windows, Macintosh, Netware, and various Unix platforms. Sophos can be downloaded via the registration services. After the initial installation, the software updates itself on a daily basis.

Don't open email attachments directly.
Although the latest anti-virus software can detect virus-infected documents "on-the-fly", it's safest to save email attachments to disk first. (This applies even if they come from someone you know — people you trust can unwittingly distribute viruses.) You can then perform an explicit virus scan before opening the document.

Use a document viewer to read received documents.
Viewers for various types of Microsoft Office documents are available from Microsoft's download pages at

Enable Virus Protection in Microsoft Office Components.
Microsoft's Office 97 and Office 2000 products include a macro-virus protection option. However, it is possible for this to get turned off. To check the current setting, use the [Tools/Options/General] menu dialog in Office 97 programs, and the [Tools/Macro/Security] dialog in Office 2000.

Disable The Microsoft Windows Scripting Host
Recent versions of Microsoft's Internet Explorer and Outlook email client include the ability to run script programs written in Microsoft's Visual Basic language. This is a facility that has been exploited by viruses such as the "Love Letter" virus. Disabling the scripting host will give protection against this form of attack. Details of doing this on various systems are included on a Sophos web page at

Further information on a wide variety of virus-related topics, including spyware, is available in our virus section.