Virus-like worm snarls networks in parts of Asia, Europe, U.S.

STOCKHOLM, Sweden -- An Internet-borne infection incapacitated tens of thousands of computers on Tuesday, snarling company networks and frustrating home users as it spread across the globe.

Security officials said the virus-like worm, dubbed "LovSan," was part of a coordinated electronic attack that exploited one of the most serious flaws yet discovered in Microsoft Corp.'s Windows operating systems.

The worm was first reported in the United States on Monday and, while appearing not to delete files or otherwise incur permanent damage, knocked many computers offline. Non-Microsoft systems were not vulnerable.

Across Asia and Europe, it struck many businesses as they opened and workers logged on.

Graham Cluley, a senior technology consultant with Sophos PLC in Britain, said his company started getting reports about the infection from Australia and then in Europe.

In Sweden, Internet provider TeliaSonera said about 20,000 of its customers were affected after the infection clogged 40 servers that handled Internet traffic.

The infection was dubbed "LovSan" because of a love note left behind on vulnerable computers: "I just want to say LOVE YOU SAN!" Research-ers also discovered another message hidden inside the infection that appeared to taunt Microsoft chairman Bill Gates: "billy gates why do you make this possible? Stop making money and fix your software!"

Microsoft had posted a free patch on its Web site.

to protect Windows users after it warned on July 16 about the flaw. Nearly all versions of Windows are affected.

The high-profile alerts issued by Microsoft notwithstanding, many businesses did not initially install the patches and scrambled Tuesday to shore up their computers.

"People are too laid back. Microsoft doesn't do these warnings for fun," said Cluley. "I think a lot of people have gotten into the habit of thinking viruses only come in via e-mails."

S.C. Leung, spokesman for the Hong Kong Computer Emergency Response Team Coordination Center, said some home computers crashed, possibly a side effect of the infection, also dubbed "blaster."

Individual users and small businesses appeared to be at greater risk than bigger companies, which typically have firewalls that can stem such attacks. But once such a worm gets inside a firewall, unprotected computers are vulnerable.

South Korea's Information and Communication Ministry said that about 1,900 cases of the infection were reported there.