July 19, 2004, 10:56 AM — A virus designed to demonstrate security holes in Microsoft Corp.'s Windows CE operating system but not to cause damage was identified by security companies over the weekend.
The WinCE4.Duts.A virus (sometimes known as Dust) only affects devices running ARM Ltd. processors and infects Pocket PC PE files in the root directory, according to Bucharest-based Softwin S.R.L., which first reported the virus on Saturday.
It raises a dialog box which asks "Dear User, am I allowed to spread?" If the user agrees, the virus appends itself to all .EXE files not already infected in the current directory, according to antivirus vendor Symantec Corp.
The virus contains no payload, Symantec said.
The virus was sent by its authors to antivirus vendors rather than being distributed in the wild and was not designed to propagate on a massive scale, but rather to demonstrate that devices running Microsoft Windows CE can be infected by malicious code, according to Viorel Canja, head of Softwin's BitDefender Labs unit.
There are over 17 million Pocket PCs, smartphones, and other Internet appliances currently using the Windows CE operating system, according to Softwin.