Microsoft has confirmed that it accidentally distributed to
developers a copy of the W32/Nimda virus in Korean
versions of its Visual Studio.net package.
The Nimda virus was first seen in September 2001, and can be
easily stopped with up-to-date anti-virus software.
According to Christoper Flores, lead product manager for Visual
Studio.net at Microsoft, the virus infected a file on the CD after
a third party company translated the package into Korean.
Using a vulnerability in Microsoft's IIS web server software,
the Nimda virus corrupts websites with malicious code. Without
their knowledge, innocent computer users may trigger the virus by
simply browsing a website. The virus then forwards itself by email
to all addresses found on the user's computer.
There are no reports of anyone having been infected by this new
distribution of the virus and Microsoft has published more
information on its website at http://msdn.microsoft.com/vstudio/downloads/updates/kohelpfilefix.asp.
"Fortunately, on this occasion, it seems unlikely that people
will become infected from this accidental distribution," said
Graham Cluley, senior technology consultant for Sophos Anti-Virus.
"The company which will be most damaged will be Microsoft itself as
its credibility in the security arena takes a knock. However, it
would be a mistake for other companies to feel smug about
Microsoft's misfortune. All companies should put in place proper
safe computing guidelines to minimise the risk of virus infection,
and ensure their partners and suppliers do the same."
Sophos recommends that users concerned they may be vulnerable to
infection ensure they are running a reliable, up-to-date anti-virus
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.