The company has made a patch available on its Visual Studio .net Web site that removes the infected file, which has not caused any known infections, according to Microsoft.
Christopher Flores, lead product manager for Visual Studio .net, said the hidden Nimda worm was discovered about a month ago by a Microsoft employee shortly after the product's release, as help files were being converted from native Microsoft file formats to HTML code to be placed online on its Web site.
The worm apparently got into the help file code while it was being created by a Korean software vendor that was doing English to Korean language translation, he said.
About 50,000 copies of the Korean language version of the program are affected, he said. No other languages or versions have been found to include the Nimda code.
The infected file is not used by the program, according to Microsoft, so it is unlikely that a user would initiate it and begin an infection.
The Nimda worm appeared last September as an infection that can strike all 32-bit Windows computers. It propagates using multiple methods and spread quickly around the world last autumn.
The outside vendor apparently scanned the code for viruses but scanned only known files in the code and not files that could have been added. The contractor was "too confident in their build process", Flores said.
The scanning loophole has since been fixed, and all files will now be scanned, he said. "That was a flaw in our Korean build system."
The company has contacted all customers who have registered the software and offered replacement CDs that do not include the Nimda worm, he said. All other users are being advised of the infection when they use the Visual Studio .net Web portal for developers and are being offered the patch and new CDs.