Aug. 12 (Bloomberg) -- The spread of a computer virus on Microsoft Corp.'s Windows operating system through a previously reported security weakness accelerated in the past 24 hours, computer-security companies and Internet service providers said.

The ``Blaster'' or ``Lovesan'' worm has been detected in more than 57,000 systems out of 160,000 tracked by Symantec Corp., the top maker of software that guards against viruses. The worm spreads by attacking a weakness in most versions of Windows for server computers and Windows XP for PCs.

``It's already spread to many large companies because that's where the biggest networks are,'' Symantec spokeswoman Andrea Wolf said.

The worm infected PCs in Europe today as businesses opened. It spread rapidly in the U.S. yesterday morning and slowed in the afternoon, according to Vincent Gullotto, vice president of Network Associates Inc.'s anti-virus emergency response team. Gullotto said yesterday the spread hadn't been severe enough to slow traffic on the Internet.

The speed of the spread is about 20 percent that of the ``Slammer'' worm, a January virus that slowed Internet traffic, Cupertino, California-based Symantec said. The Slammer virus spread because many customers and Microsoft itself hadn't applied an update Microsoft had issued six months earlier.

Network Overload

TeliaSonera AB, the Nordic region's largest phone company, said the Blaster virus caused many customers' computers to restart repeatedly, leading to a network overload in Sweden. Many customers experienced problems with their computers, TeliaSonera said in a statement on the Hugin newswire.

The Blaster worm will attempt to shut down Microsoft's www.windowsupdate.com Web site Aug. 16 and continue until the end of the year, according to Symantec. It may be able to crash computers running Microsoft Windows, give the attacker control over the machines or compromise security settings, Trend Micro Inc. said in a statement.

Microsoft, the world's largest software maker, isn't taking any ``special action'' to combat the worm, spokesman Sean Sundwall said yesterday. The company has been urging customers to download a software patch to fix the flaw for the past month. The U.S. Department of Homeland Security last month warned of an increase in hackers looking for computers made vulnerable by the Microsoft flaw.

Protection, Response

To protect computers from the worm, which spreads itself over the Internet by looking for vulnerable computers, companies should use firewall software, install Microsoft's security patch and update and run their anti-virus software, Sundwall said.

If a computer is already infected, companies such as Symantec offer tools for removing the virus. Infected users can also manually remove the virus in a several-step process.

Users would need to shut down a Microsoft feature that restores damaged systems, update the virus definitions they receive from their anti-virus software company, shut down the process the virus is running on the computer, use anti-virus software to scan for virus files and delete them, and then delete changes the virus made to the Windows registry, according to Symantec.

The worm program contains text that appears to mock Microsoft Chairman Bill Gates, stating ``Billy Gates why do you make this possible? Stop making money and fix your software,'' according to Russ Cooper, manager of NTBugtraq, a security- related electronic mailing list. It's ``very common'' for virus writers to include such mocking comments, Cooper said.

Shares of Microsoft fell 6 cents to $25.55 as of 11:29 a.m. New York time in Nasdaq Stock Market trading.

Last Updated: August 12, 2003 11:42 EDT