EDMONTON — A new Internet worm that preys on a flaw in the Windows operating system infected thousands of computers across Canada Monday, causing users to panic and call in the experts.

The virus, which has been spreading around the world since Friday, resulted in a frenzy of calls to computer consultants from panicked PC users. Many were planning to work into the night to help weed out the bevy of glitches.

“Unless you have some sort of protection, like some firewall software, it can just worm its way into your computer,” said Kelly Shubert, director of technical services at CompuSmart in Edmonton.

“It doesn’t take very long if you’re unexposed on the Internet to get it. If you are literally vulnerable out on the ‘Net, you probably have it already,” he said.

The virus, dubbed the Sasser Worm, does not require users to click on an e-mail attachment to activate, meaning it spreads more quickly than other viruses. Once Sasser infects a computer, it automatically scans the Internet for other computers with the flaw and sends a copy of itself there.

While the damage the virus causes is low — it causes computers to continually crash and slows down without permanently damaging files — it spreads “wildly,” Schubert said, adding its cost will be measured in “down time.

“You will see whole offices send people home,” he said. “It’s a matter of really not a huge threat to the machines. Once we know about the virus it’s just a matter of removing it. It’s the cost of down time, which is the number one cost of [information technology].”

At Edmonton city hall about 50 employees were trying to get the city’s 250 central servers and 4,300 desktop PCs back in action.

“It’s a big pain in the neck,” said Stephen Gordon, the city’s director of IT operations. “We’re trying to stay calm but there’s a lot of people working very hard to fix this.”

City employees continued to work, but a lot of business was slowed down without e-mail and other computer applications.

The virus struck several large companies in Germany, Britain and the United States that are clients of Network Associates Inc., said Vincent Gullotto, a vice-president at the company’s anti-virus research lab. He would not name the companies. But a large television network in Europe was also hit, two security sources said, speaking on condition of anonymity and refusing to elaborate.

Finland‘s third largest bank, Sampo, closed 120 of its offices for a few hours as a precaution Monday while technicians updated anti-virus programs.

Although Microsoft Corp. announced three weeks ago the flaw that Sasser exploits — it’s a windows function called Local Security Authority Subsystem Service — many computer owners had yet to apply the software fix the company had released.

Microsoft recommended that owners of Windows 2000 and XP computers install software patches, available at http://windowsupdate.microsoft.com. Sasser does not affect older versions of Windows, and security experts said they do not anticipate the outbreak to be as widespread as last summer’s Blaster outbreak, which affected millions of computers.

© The Vancouver Sun 2004