Computer virus Sircam is reported to have corrupted IT systems at several organisations in the UAE, sources said yesterday. The Dubai Press Club also issued an advisory: "The potentially dangerous virus has made its appearance in the UAE."

Indications are that the virus implanted itself into systems which did not take preventive action, even though this was available.

And while the CodeRed worm may have proved largely ineffective so far, it may take on more potent destructive powers today, according to Cert Advisory.

"On average, we receive 40 to 50 e-mail messages carrying Sircam through our external correspondences. The worm is quite widespread, but if effective preventive measures are installed it's not destructive," said a senior IT official at a major multinational.

Both Sircam and the CodeRed threaten IT systems through Microsoft applications - the MS Outlook in the case of the former, and the Windows 2000 in the latter.

A Microsoft official, speaking on condition of anonymity, however stated: "We have not received any information from our clients about disruption to their systems from the Sircam.

Since July 17, we have been providing regular updates to our regional clients about the virus and the corrective measures available. If anyone had problems, they could have contacted us."

Sircam, first detected on July 17, attaches itself to the address books of almost any Windows e-mail programme as well e-mail addresses it finds in the cache file of the Web browser of the infected machine.

"With the number of viruses doing the rounds its difficult to keep track, especially for small businesses who will have to invest in additional software and in the services of IT experts. Its better that long-term solutions are found," said a senior official at a company which was affected. Restoration of services took up several hours.

Another potentially dangerous element of Sircam is that it sends a randomly chosen file from the infected PC's hard drive, sending confidential business data or embarrassing personal information along with itself. The e-mail subject line matches the name of the file being sent.

It can also steal a random file from the hard disk of an infected machine and attach this to the message it sends, thus contributing to the clogging of mail servers.

The virus always begins with "Hi! How are you?" and ends with "See you later. Thanks."

According to Symantec, users should update their virus definitions and conduct a full system scan as counter measures. They should also not launch attachments unless they are expected. Organisations must maintain a multi-tiered approach to security.

On the likely danger today, Cert Advisory stated: "CodeRed is likely to start spreading again on July 31 and has mutated so that it may be even more dangerous.

"To rid your machine of the current worm, reboot your computer. To protect your system from reinfection, install Microsoft's patch for the CodeRed vulnerability problem." The patch is located at http://www.microsoft.com/technet/security/bulletin/MS01033.asp.