Reports of First Vista Virus Inaccurate

Several news sources reported late Thursday that the first virus for the next generation operating system Windows Vista had been discovered. However the virus is written for Monad, a Unix-like command shell replacement for DOS, which may not even ship with the operating system and may not be part of any Microsoft OS until at least 2009.

The "proof of concept" viruses, named Danom, have five variants and will infect and either edit or overwrite .msh, .bat, and .cmd files. Security software firm F-Secure first reported the "Vista Virus" emergence, but admitted it "will never became a real-world problem."

Last year, researcher Eric Chein of security firm Symantec warned of Microsoft Shell viruses, saying, "while Microsoft Shell is still in development, the current versions have enough functionality to allow a variety of malicious threats including file-infecting viruses."

Microsoft has been quick to discredit reports that this is the first Vista virus.

"These potential viruses do not affect Windows Vista or any other version of Windows if 'Monad' has not been installed on the system," a security spokesperson told Mary Jo Foley of Microsoft Watch on Friday. "We have not yet announced a specific delivery vehicle for Monad in the Microsoft Windows operating system."

Microsoft also pointed out that the viruses do not exploit any vulnerability, and first must be loaded and then executed in order to infect a machine.

Monad developer Lee Holmes echoed Microsoft's sentiments in his Web log. "The fact that MSH is used as the execution vehicle is really a side-note, as it does not exploit any vulnerabilities in Monad," he argued.

"The guidance on shell script viruses is the same as the guidance on all viruses and malware: protect yourself against the point of entry, and limit the amount of damage that the malicious code can do."