Viruses in .Net Framework

[Guest]

Hi,

I'm student and I have to make a paper about viruses in .Net Framework. Does
anyone have some information about this topic?

Thanks for any help.

 

[Scott M.]

A Google search of ".net framework viruses" yields results.

 

[Guest]

Thank you for your advice, but I want to know what Microsoft says about it
(some official records) and what third-party companies say about it. Google
didn't help in my research.

 

[John M Deal]

Take a look at:

http://www.geek.com/news/geeknews/2002jan/gee20020111009718.htm

This references a quote from Network Associates about the Win32 Donut
virus. This was found using "dotnet virus" on google. There are lots of
additional results.

You can get Microsoft information about this same virus from:

http://support.microsoft.com/?scid=kb;en-us;316287

Found using the same search but specifying site:microsoft.com

Hope That Helps

Have A Better One!

John M Deal, MCP
Necessity Software

 

[Scott M.]

I found plenty of results that seem to match what you are looking for with a
Google search.

 

[Guest]

You are going to have some difficulty on this topic. The first "proof of
concept" virus was W32.Donut and worked with the beta product and relied on
certain security settings which are no longer set in the same manner, if I
remember correctly.

There are a couple of things fighting .NET virii right now:

1. The Framework is not installed on enough computers to get virii writers
to move from other delivery formats.

2. The Framework sandboxes code by default, making the virii writer have to
work much harder than other delivery mechanisms.

Do a search on W32.Donut and Sharpei (a worm written partially in C#). Those
are the only two I know of at this point in time.

---

Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA

***************************
Think Outside the Box!
***************************