Data Fellows the First to Solve the New Macro Virus Problem

Espoo, Finland, April 17, 1998 -- The award-winning F-Secure Anti-Virus by Data Fellows is the first anti-virus program to detect and disinfect the recently discovered Microsoft Access macro viruses.

Detecting Access macro viruses can be done simply by scanning the Microsoft Access database files (also known as MDB files) from beginning to end. However, the size of a large database file can be several hundred megabytes, and using a simple scan would take hours. The time required can be shortened dramatically, if the scan is performed on the macro area of the file only. But in order to do this, an anti-virus product must be able to parse the complex and undocumented structure of Access database files.

"Thanks to its modular CounterSign architecture, F-Secure Anti-Virus already has the technology to not only quickly detect, but also accurately remove macro viruses from Access files," says Mr. Mikko Hypponen, Product Manager, Data Fellows.

The quick solution to the Access virus problem was provided by AVP, one of the scanning engines used by F-Secure Anti-Virus. AVP is able to isolate the macro areas of Access files, and thus perform a scan in a fraction of the time needed by other engines. This technology also allows F-Secure Anti-Virus to disinfect Access macro viruses quickly and accurately.

Mr. Hypponen continues: "As the AVP engine is extraordinarily extendible, its scanning behaviour can be changed dramatically with a simple update file. Therefore F-Secure Anti-Virus is already up-to-date with the new virus threat."

The different scanning engines within F-Secure Anti-Virus use different approaches to problems such as this, and enable F-Secure Anti-Virus to offer its users a comprehensive range of solutions.

Says Mr. Hypponen: "Of all currently available anti-virus products, F-Secure Anti-Virus is the best equipped to handle all present and future virus threats."

About Access Macro Viruses

The first macro viruses to spread within Microsoft Access database files were found on the Internet at the end of March 1998. Until then, macro viruses had only been found in Microsoft Word and Microsoft Excel applications. However, Microsoft Access uses a macro language similar to that of Word and Excel, and can therefore easily operate as a carrier for macro viruses.

At the moment, the risk of being infected by an Access macro virus is fairly small. Unlike Word and Excel documents, Access files are not frequently shared between companies or sent via e-mail. However, there are two ways in which Access macro viruses could become more common:

1. If a vendor (such as a third party developer using Access as a back-end server) ships a commercial application with an infected MDB file; or

2. if a virus-writer successfully creates a cross-platform virus which infects several MS Office application files, such as Word DOC, Excel XLS and Access MDB files.

Because of these possibilities, anti-virus research groups have put a lot of time and effort into developing the scanning of Access MDB files.