Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 

First Vista viruses unleashed

 
quietman7
Warrior Addict


Joined: 20 Dec 2004
Last Visit: 28 May 2014
Posts: 768
Location: Virginia, USA

Posted: Fri Aug 05, 2005 5:30 am    Post subject: First Vista viruses unleashed

Quote:
First family of Windows Vista viruses unleashed
Friday, 5 August, 2005
Robert McMillan, San Francisco

An Austrian hacker earned the dubious distinction of writing what are thought to be the first known viruses for Microsoft Corp.'s Windows Vista operating system. Written in July, the viruses take advantage of a new command shell, code-named Monad, that is included in the Windows Vista beta code.

The viruses were published last month in a virus-writing tutorial written for an underground hacker group calling itself the Ready Ranger Liberation Front, and take advantage of security vulnerabilities in the new command shell. Unlike the traditional Windows graphical user interface, which relies heavily on the mouse for navigation, command shells allow users to use powerful text-based commands, much like Windows' predecessor, DOS.

The viruses were written by a hacker calling himself "Second Part To Hell," and published on July 21, just days after Monad was publicly released by Microsoft, according to Mikko Hyppönen, chief research officer with Helsinki's F-Secure Corp. Second Part To Hell is the pseudonym of an Austrian-based hacker who also goes by the name Mario, Hyppönen said.

Because of its sophistication, the new command shell offers new opportunities for hackers, Second Part To Hell wrote in the tutorial, a copy of which was obtained by the IDG News Service. "Monad will be like Linux's BASH (Bourne Again Shell) -- that means a great number of commands and functions," he wrote. "We will be able to make as huge and complex scripts as we do in Linux."

F-Secure has named the virus family Danom (Monad in reverse). After examining the code, Hyppönen said that the Danom family is disruptive, but not capable of causing significant damage to Windows users. "These are proof of concept viruses," he said, "Where virus writers want to break new ground and write the first viruses for a new platform."

Most security experts had not expected to see a Windows Vista virus so soon, Hyppönen said. "The only surprise here is that it came so early," he said. "It's been eight days since the beta of the operating system was out." Monad was released several days prior to the Windows Vista beta. Still, Danom's release does raise questions about whether or not Microsoft should enable the Monad shell by default in Windows Vista.

Because Monad's scripting capabilities will only be used by advanced users, Hyppönen believes Microsoft should not offer the software as part of the standard Windows Vista package when it becomes commercially available in the second half of 2006. This would make the software less prevalent, and therefore less attractive to virus writers, he said.

Microsoft "got burned," by including similar software, called Windows Script Host, by default in its Windows 2000 operating system, he said. "Since it was on the system, all the virus writers were exploiting it," he said.

Microsoft was unable to comment on this story at press time.

http://computerworld.co.nz/news.nsf/NL/4FC3F14B5DB4E724CC2570530074CEBD
MadameX
Site Admin


Joined: 12 Jul 2004
Last Visit: 27 Apr 2008
Posts: 1438

Posted: Fri Aug 05, 2005 8:44 am

They certainly don't waste any time, do they?
_________________
CARMA
quietman7
Warrior Addict


Joined: 20 Dec 2004
Last Visit: 28 May 2014
Posts: 768
Location: Virginia, USA

Posted: Fri Aug 05, 2005 9:42 am

No they don't. And I suspect there are a lot more surprises just lying in wait.
quietman7
Warrior Addict


Joined: 20 Dec 2004
Last Visit: 28 May 2014
Posts: 768
Location: Virginia, USA

Posted: Sun Aug 07, 2005 4:23 am

Looks like MS is not wasting time either.
Quote:
Microsoft: Virus target won't be in Vista
Published: August 5, 2005, 1:02 PM PDT
By Joris Evers
Staff Writer, CNET News.com

A new scripting tool targeted by a virus writer will not be part of Windows Vista, the next Windows client release, Microsoft announced Friday. Instead, the software maker is looking at possibly delivering the command-line shell tool, code-named Monad, as part of its next major server operating system release, a Microsoft representative said. That release, code-named Longhorn Server, is due in 2007.

"Monad will not be included in the final version of Windows Vista," Stephen Toulouse, a program manager in Microsoft's security group, said in a blog posting. "So these potential viruses do not affect Windows Vista."

Microsoft is responding to the online publication of five examples of malicious code that target Monad. The tool was initially intended to be included in Vista. When news of the exploits came out, it triggered reports that they would be the first viruses for Windows Vista. With the announcement, Microsoft is making it clear that the Monad viruses will not affect the client version of the operating system update, formerly known as Longhorn.

http://news.com.com/Microsoft+Virus+target+wont+be+in+Vista/2100-1002_3-5820706.html?tag=cd.lede