|
| The author of the Modan viruses published
information about his malicious code online. |
Experts at SophosLabsâ„¢, Sophos's global
network of virus, spyware and spam analysis centers, have urged
customers not to panic over media reports of the first viruses said
to affect the forthcoming Windows operating system, Windows
Vista.
Yesterday, five viruses were discovered written in MSH (also
known as Microsoft Shell or Monad), a command line interface and
scripting language being developed by Microsoft. MSH was originally
scheduled to be shipped with Windows Vista (the recently announced
new name for the next generation of Microsoft's Windows operating
system previously known as Longhorn), but it is now believed to be
likely that MSH's first public release will be as part of the next
edition of Microsoft Exchange.
The viruses, which have been named Modan, were all written by
the same virus writer, who is believed to be Austrian and goes by
the handle "Second Part To Hell".
"These viruses are more a proof-of-concept than anything that
should seriously worry businesses, as they are extremely unlikely
to spread," said Graham Cluley, senior
technology consultant for Sophos. "However, it is possible that the
flexibility of the MSH scripting language will be exploited in the
future by other virus writers and hackers. We may see an echo of
the past, when malware such as the Love Bug and Anna Kournikova worms
successfully spread by using scripting languages."
Even though they do not present a real world threat, Sophos has
automatically updated customers against the MSH/Modan-A, MSH/Modan-B, MSH/Modan-C, MSH/Modan-D, and MSH/Modan-E viruses.
"Media reports that these are the first instances of
Vista-specific viruses are inaccurate. These viruses need MSH to
operate, not Windows Vista," continued Cluley.
Sophos recommends companies automatically update their corporate
virus protection, and run a consolidated
solution at the email gateway to defend against viruses and
spam.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.