Virus Targets Microsoft Web Services Software

Microsoft

The "proof-of-concept" virus was sent by its Czech author to antivirus vendors so they could work with Microsoft on a fix, said Craig Schmugar, virus research engineer at Network Associates.

The virus, dubbed W32/Donut, targets executable files created for Microsoft's .Net Web services technology under which software will be available online as a service to anyone using any device.

The threat from the virus is low since the .Net software is still being tested by developers and has not yet been installed on a lot of machines, according to Schmugar.

In addition, the virus does not spread itself via e-mail or Web browsers, but requires someone to save an infected file to a computer hard drive for it to infect other files, he said.

"It does not have any significant chance to become widespread," Symantec said in a statement.

"However, it shows that virus writers are paying close attention to the new .Net architecture from Microsoft and are attempting to understand the framework that eventually will be available on most systems," Symantec said.

By its very nature, Microsoft's Web services will provide a relatively easy way for nasty code to spread, said Schmugar.

The .Net technology "is so Web-based that there's already a propagation method," he said. "There's a good chance that by the time (.Net) is fully released there could be a virus that's ready to exploit it."

Microsoft security experts were not immediately reachable for comment.

The Redmond, Washington-based software giant has been criticized by computer security experts for developing software that too readily allows code to perform executions on Windows systems, opening the door to viruses that steal data, delete files or leave open back doors on systems for future hacking.

On Tuesday, security experts said they had come across a similar low-risk "concept" virus that targets Macromedia Flash animation files used to make Web sites more visually interesting.