A virus is released for an operating system that has yet to be released, yet MacOSX is now four years old and has yet to have a SINGLE virus actually make it into the wild, with only one theoretical one ever being produced.

Earth to Redmond...you're hiring the wrong people.

In the first paragraph, the word "reek" should be "wreak." "Wreak" means to cause or inflict, like "wreak havoc."

"Reek" means to smell bad, or "to be pervaded by something unpleasant" (which, of course, is somewhat appropriate even so).

Sorry for the grammar pedantry.

Seems the anti-virus & security "experts" were just itching to be the first to come up with something. While I'm one of the first to come down on MS when another security flaw is revealed, this time it is wise to stay silent. This thing they describe is anything but a virus. Its a script. The script is executed by a user with admin privileges. This means you have to have physical access to the machine. While it does replace all other scripts that it finds in the system with copies of itself.... so what? You can do that with practically any scriptable OS. It doesn't run automatically and it does not replicate itself to another machine, so how can it be anything other than just a regular old script?

I hope someone who knows more than I do will step up and tell me just how this is a security flaw.

A virus for an O/S in beta stage.

Come on guys, best scenario; Vista will face another year
of development/programming before hitting the streets!

nt

It's a freakin beta. Be fair and wait until it's released and real viruses come out. THEN we can knock M$ for releasing more crap!

The more holes the beta testers find the more they can close before the next major release of their Beta - then the cycle goes on again. The malicious hackers are going to keep their findings quiet until Vista ships, but at least some holes will e closed before the average customers get their Vista loaded computers from Dull.

By the way - where is RC?

the sky is falling!

Saying it is a Vista virus is misleading -- http://www.microsoft-watch.com/article2/0,1995,1844190,00.asp?kc=MWRSS02129TX1K0000535

Quote

Biff wrote:
It's a freakin beta. Be fair and wait until it's released and real viruses come out. THEN we can knock M$ for releasing more crap!

By the way - where is RC?[/quote]

WTF?? DO YOU MISS HER???

geezuz, im happy that there is no rc here yet.....

It's totally besides the point whether it's a script or a binary or what. Also it's besides the point how it gains execution rights: it replicates, so it's a virus.

Sure it won't go far, but it's a virus. This is exactly the way viruses like CIH spread too.

RC, any comments on Vista's first infection?? Winblows Vista = CRAP.

RC does not comment on anti-microsoft facts. Please do not feed the troll and please do not bait the troll.

It should be more than obvious by now that M$ designs malware into their products. It’s a “feature,” not a “bug!”

Quote

Guest wrote:

Quote

Guest wrote:
By the way - where is RC?

WTF?? DO YOU MISS HER???

geezuz, im happy that there is no rc here yet.....

Why is anyone concerned about virusus on their windows? They re billions ands billions of virusus out there, inside and outside your house, your body, your car, your job. So how do you expect any kind of windows to keep em out. I for one am more concerned with thieves, or maybe even a bird to come flying in thru mine. So i just keep em closed all the time.

So they're viruses that effect Monad, which can be installed on Windows Vista. Not exactly Vista-specific viruses. But hey, nobody should worry that Microsoft suddenly learned how to make a secure operating system, there ought to be tens of thousands of currently existing Windows viruses that are capable of infecting Vista.


"The more holes the beta testers find the more they can close before the next major release of their Beta - then the cycle goes on again"

Uh huh. If it's not serious enough to fatally corrupt Windows every time somebody turns on their computer, Microsoft doesn't care about fixing any problem.

Quote

Anonymous wrote:
If it's not serious enough to fatally corrupt Windows every time somebody turns on their computer, Microsoft doesn't care about fixing any problem.

It isn't a virus at all and calling it one is irresponsibe Journalism

I disagree. It is not irresponsible journalism. TMO is reporting what F-Secure has on its website. That is journalism - the propagation and interpretation of information to a wider audience. (I'm sure there are more reliable definitions, but it's the one I'm using for the sake of this argument.)

It then comes down to how much credence you place in F-Secure. On its website it does state that Monad will not be included in Vista. However Monad is available, still, from Microsoft's website.

From F-Secure's description of the viruses:

Quote

Danom viruses are proof-of-concept viruses for Microsoft Command Shell codename Monad. They do infect other Monad scripts, although there is also a cross infector for .MSH, .BAT and .CMD files. […]

VARIANT: Danom.A
This virus searches for .msh files and if such are found it looks for an infection marker "Candela". If the last is not present in the file, the virus appends its code to the victim file.

VARIANT: Danom.B
Danom.B virus infected .msh, .cmd and .bat files. If the infection marker "Candela" is not found, the virus infects by prepending its code. However .bat and .cmd infected files overwrite during infection.

VARIANT: Danom.D
SIZE: 249
This is a small code written to overwrite .msh files with itself. It searches for such files and checks for the length. It tries to infect if the file size is different from the size of the initial infected file.

However due to an error the virus infects one file per run. It infects the last file in alphabetical order, unless it is already infected.

VARIANT: Danom.E
This is similar to Danom.A but it prepends the virus code to the victim files.

To be honest, i do not think that my MSH-virus are viruses for Microsoft Windows Vista. And I have not mentioned in my article "Monad Virus Infection" that it IS a Longhorn (yes, the time of writing it was still named Longhorn) virus - but a virus for Monad - the time of writing the future command shell.

I see that the first virus for MS Vista has been created by Retro (http://securityresponse.symantec.com/avcenter/venc/data/msil.idonus.html)

About the discussion if it's a virus or not: Starting from version b (my numbering - prepender -> appender -> EPO -> crossinfection) they are REAL viruses, infecting real MSH files. No reason for discuss about that fact.

What will be the next step? Virus for Microsoft Windows Vista Professional 64bit Edition Beta? Sure, some of us have already the DVD infront of them...

kindly regards,
Second Part To Hell/rRlf