Hackers alter Vista


Months before the long-awaited new operating system has hit the shelves, an Austrian virus writer has published details on five viruses targeting Windows Vista in an underground magazine.

The viruses attack MSH (Microsoft Command Shell). This is a new command line interface and scripting language which replaces shells such as CMD.EXE, COMMAND.COM or 4NT.EXE and is similar in nature to the Bash shell in Unix.

According to Mikko Hyppönen, Director of Anti-Virus Research at anti-virus company F-Secure the proof-of-concept viruses "will never became a real-world problem, but the case is interesting historically, as these are the first viruses for a totally new platform."

MSH (codenamed "Monad") was scheduled to ship as the default shell for Windows Vista, previously known as "Longhorn". The OS went to first beta last week. But there is speculation that MSH may now by ditched from Vista and instead be part of Microsoft Exchange 2006.

The possibility of MSH viruses was forecast last year by Symantec researcher Eric Chien in his presentation at the Virus Bulletin 2004 conference titled "The return of script viruses - an overview of Microsoft Shell". In his presentation Chein concluded, "while Microsoft Shell is still in development, the current versions have enough functionality to allow a variety of malicious threats including file-infecting viruses".

As reported in SC Magazine, Microsoft plans to release six security patches for Windows next week in its regular monthly security update.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.