Hackers already aiming for Vista
By Matt Whipp
Posted on 4 Aug 2005 at 14:50
Hackers are already working on viruses for Microsoft's upcoming Vista platform.
According to Finnish security experts F-Secure, an Austrian virus writer known as 'Second Part to Hell' - from the 'Ready Rangers Liberation Front' group - has published his efforts on writing virus code for Vista's MSH (Microsoft Shell) command line interface, including five viruses.
F-Secure's Director of Anti-Virus Research Mikko H. Hyppönen told us that although, as the first Vista viruses, 'they are of historical importance, they're really not a real world risk.'
He described them as 'really simple, really basic,' with properties such as self-propagation, but not much more. 'However, Microsoft's MSH scripting language is really versatile,' he said. 'You can basically control any component with it ... you can send email straight from the command line, you can connect to web services ... In functionality it's similar to Unix.'
Yet plans for MSH remain unclear. Wininsider reports that the shell might be dropped from the release of Vista, as there was as yet no product scheduled in which it was due to ship, but Microsoft declined to comment further.
No bad thing, says Hyppönen. Such a capable tool would probably remain untouched in the machines of many consumers and would prove more a security hazard than an improvement. 'As a power user myself I would love to have it in my own computer, but not in my mother's computer,' he said.
It all depends on whether Microsoft has plans to build services into Vista that rely on MSH to function.
Still, even if MSH is disabled or removed from Vista on the desktop, it might still make an appearance in server products such as Exchange Server 12. But even here systems such as mail and web servers would still be vulnerable, deployed at the network perimeter.
From around the web
advertisement
- Chrome's shine getting lost in translation
- BytePac: the cardboard hard disk enclosure
- How tech loosens our grip on reality
- Hokum watch: Safer Internet Day
- Why I'm deleting Adobe from my PC
- Prepare to be patronised: it's Safer Internet Day
- Dear Sony, Samsung and every other tech company in the world: stop trying to be Apple
- Will Apple's Final Cut Pro X update placate the pros?
- Smartr Contacts for iPhone review
- Switching to Office 365's Outlook Web App
- Why virtualisation hasn't slowed the growth of data
- How to make Google AdWords work for your business
- The curse of sloppily written software
- Paying for your crimes with Bitcoin
- Behind the scenes: tech support for Formula 1
- The security risk of fat fingers
- Why Windows Phone 7 isn't quite ready for business
- When will Microsoft stop fiddling with Windows 8?
- Flash down the pan?
- Metro Style apps vs desktop applications
advertisement
