Microsoft says that while it believes BackOrifice 2000, the second version of the now notorious hacking tool, has not yet been released, Windows users should be wary.
Microsoft New Zealand marketing manager for business and enterprise Guy Haycock says the company understands the new Back Orifice "virus" has been under development and will be released soon.
"While we are not sure exactly how BO2K will operate, we are making a reasonable guess that it will follow the pattern of its predecessor, spreading primarily via a trojan horse mechanism and allowing malicious users to remotely control other users' computers," says Haycock.
"Of course, remote control software is nothing new. Several commercial products provide the ability to remotely control a computer for legitimate purposes. What is different about BO and BO2K is that they have no legitimate purpose, but are instead solely malicious."
Haycock says vendors of anti-virus, intrusion detection, and mobile malicious code detection software "will be working to develop software that detects and removes BO2K" and that Microsoft will be working closely with them to ensure that tools to protect customers will be available as soon as possible.
"We urge all customers to protect themselves by not running software from untrusted sources. Microsoft provides the ability to digitally sign executables, which allows customers to know who authored a piece of software and to make trust decisions about it. We also advise customers to ensure that their anti-virus software is up to date, and to watch for the availability of updated security software that will find and remove BO2K."
More information and Microsoft customer communications on BO2K are stored at: http://www.microsoft.com/security/default.asp.
Microsoft has also posted an interview with Jason Garms, lead product manager for Windows NT security at: