Ok, this will be a bit more editorial than other posts, if you’re a geek you’ll understand. Sometimes some tech issues just get so badly misreported it’s hard not to get irritated.
On Thursday it was reported on most of the major news sites that the first Vista virus was developed/disclosed. The original source appears to be an F-Secure blog entry which reports about 5 viruses described/included in Austrian virus writing magazine. You can read a bit more about each of the five also on F-Secure’s site. The “virus” is simply a shell script which runs from the Vista equivalent of DOS. The script is written for MSH (Microsoft Scripting Shell) aka Monad. MSH is nothing more than a shell, like DOS with a bigger command set and a better interface (it’s more like any modern UNIX/Linux shell). So, just like you can write a shell script to create a directory, rename a file, launch a program or do practically any other thing (which is the main reason shell scripting exists), surprise, surprise you can write a shell script to spread itself! That’s old news, it’s been done, is being done, will be done. You give someone a shell and they’ll write a shell script which can do bad things. There is no story here. This “virus” doesn’t exploit any weakness in MSH, doesn’t exploit any weakness in Vista. It’s not that you could mail someone a script in an attachment and your e-mail client would let you click on the attachment and poof you’re hosed. It’s not that you will browse a webpage and trigger an MSH script to run. Now maybe vulnerabilities will be discovered that will allow MSH scripts to run in situations like I just mentioned (the years of Outlook Expresses worms are testament to that). And if that happens again, it’s serious, and that needs to be addressed and is worth a news story. But this, this is just stupid! It’s as stupid as running a story about how someone has disclosed that under Vista just by doing 2 mouse click and typing 10 keystrokes your hard drive can be formatted! All you have to do is press “Start”, then choose “Run…” then type “format c:”. Oh the humanity! And Microsoft is doing nothing to stop this set of clicks and keystrokes from wiping out all your data??? (Ok, for you real geeks you know the above wouldn’t work, but you know what I’m saying, volume is mounted/in use, blah blah, and I’m not going to try it now just to check ). Anyway, I’m getting off the soap box.
If you’re interested you can read more in the related Google headlines.