Windows Vista tool targeted by virus writers

Virus writers have published what are thought to be the first examples of malicious code targeting an expected feature of Microsoft's Windows Vista operating system, around a week after the first beta of the next-generation operating system was released.

Five proof-of-concept viruses that target Monad, the next version of Microsoft's command prompt, were included in a recently published virus-writing magazine, according to Mikko Hyppönen, the director of antivirus research at F-Secure.

Monad is a command line interface and scripting language that is similar to Unix shells such as BASH, but is based on object-oriented programming and the .Net framework. It was initially expected in Vista, but Microsoft hinted a couple of months ago that it may not be ready for initial versions of the Vista client or server. However, Microsoft has confirmed that Monad will be included in Exchange 12, the next version of the company's collaboration server due in the second half of 2006.

The proof-of-concept viruses, along with detailed explanations of how they work, were included in a magazine that was published on the Web over the last week. The viruses' only action is to infect other shell scripts on the host's operating system. They would cause little harm in the wild, but would be relatively easy to modify using the information from the article, said Hyppönen in a blog posting on Thursday.

He warned that if Microsoft ships Monad with Vista and it is enabled by default, this could lead to an "outbreak of scripting viruses". Microsoft may choose to ship the tool as an add-on or disable it by default to reduce the risk, he added.

Even if Microsoft fixes this problem, virus writers are probably working hard to find other holes in the operating system itself, according to Hyppönen.

"There are always virus writers who want to be the first to write a virus for a new platform. I wouldn't be surprised if we see a virus targeting Vista itself soon," he said.

The Monad viruses were written by a virus writer who calls himself "Second Part To Hell" and is believed to live in Austria, according to Hyppönen.

The final version of Vista for the client is due to ship in autumn 2006, with the server expected in 2007.

Microsoft was unable to comment in time for this article.

By Ingrid Marson
ZDNet UK

Virus target won't be in Vista

This is how M$ deals with it:

"Monad will not be included in the final version of Windows Vista," Stephen Toulouse, a program manager in Microsoft's security group, said in a blog posting. "So these potential viruses do not affect Windows Vista."

Microsoft is responding to the online publication of five examples of malicious code that target Monad. The tool was initially intended to be included in Vista. When news of the exploits came out, it triggered reports that they would be the first viruses for Windows Vista.

That story on cnet.
----
You talk the talk, but do you waddle the waddle?
