Donut not a .Net virus says Microsoft
- 13 January, 2002 22:00
- A new virus said to be the first to target Microsoft's .Net platform doesn't introduce a new threat to the world of web services and .Net. says Microsoft.
Called W32/Donut, the virus originated in the Czech Republic and targets files running in Microsoft's .Net Framework, the set of building blocks that are needed to create and execute XML (Extensible Markup Language) web services and other applications in Windows (see Donut virus set to poke holes in .Net).
Tony Goodhew, product manager for Microsoft's .Net Framework, argues that Donut does not actually introduce a new threat to the world of web services and .Net. Rather, he asserts that the virus exploited a known vulnerability that's not specific to its .Net software.
"This is just like many, many other Windows viruses," Goodhew says. "It just happens to target the .Net framework for infection."
Goodhew says that security measurers in the .Net framework tripped up the virus writer and forced the Czech to rely on an existing exploit in order to infect .Net files. Although this virus was designed to attack the .Net framework, Microsoft insists that it is not a .Net virus.
"The virus writer should have said, 'I have a virus that targets .Net files, not a .Net virus,'" Goodhew says.
Still, McAfee says the virus is aimed squarely at the .Net Framework. The security specialists continue to call Donut a .Net virus.
Microsoft plans to post information on its website and send developers email alerting them to the problem.