Adam L. Beberg
Wed, 9 Jan 2002 21:07:42 -0800 (PST)
Viruses before the software is even out, you'd think it was sendmail.
- Adam L. "Duncan" Beberg
Virus Targets Microsoft Web Software
By Elinor Mills Abreu
SAN FRANCISCO (Reuters) - Someone has written a virus targeting Microsoft
Corp.'s (NasdaqNM:MSFT - news) Web services software, which has yet to be
released, security experts said on Wednesday.
The ``proof-of-concept'' virus was sent by its Czech author to antivirus
vendors so they could work with Microsoft on a fix, said Craig Schmugar,
virus research engineer at Network Associates Inc. (NasdaqNM:NETA - news)
The virus, dubbed W32/Donut, targets executable files created for
Microsoft's .NET Web services technology under which software will be
available online as a service to anyone using any device.
The threat from the virus is low since the .NET software is still being
tested by developers and has not yet been installed on a lot of machines,
according to Schmugar.
In addition, the virus does not spread itself via e-mail or Web browsers,
but requires someone to save an infected file to a computer hard drive for
it to infect other files, he said.
``It does not have any significant chance to become widespread,'' Symantec
Corp. (NasdaqNM:SYMC - news) said in a statement.
``However, it shows that virus writers are paying close attention to the new
.NET architecture from Microsoft and are attempting to understand the
framework that eventually will be available on most systems,'' Symantec
By its very nature, Microsoft's Web services will provide a relatively easy
way for nasty code to spread, said Schmugar.
The .NET technology ``is so Web-based that there's already a propagation
method,'' he said. ``There's a good chance that by the time (.NET) is fully
released there could be a virus that's ready to exploit it.''
Microsoft security experts were not immediately reachable for comment.
The Redmond, Washington-based software giant has been criticized by computer
security experts for developing software that too readily allows code to
perform executions on Windows systems, opening the door to viruses that
steal data, delete files or leave open back doors on systems for future
On Tuesday, security experts said they had come across a similar low-risk
``concept'' virus that targets Macromedia Inc. (NasdaqNM:MACR - news) Flash
animation files used to make Web sites more visually interesting.