March 28, 2001, 11:36 AM — Antivirus software manufacturers are reporting the appearance of the first virus
to infect applications on systems running either Linux or Microsoft Corp.'s Windows
-- although it presents little danger, they say.
The virus, known variously as W32.Winux, Linux.PEElf.2132, Linux.Winux or W32/Lindose,
is carried in Linux or Windows executable files, and when an application infected
with it is run, it spreads to other executable files in the same or adjacent
directories in the file system.
The virus originated in the Czech Republic, according to antivirus software
vendor Central Command Inc., which said in a statement Tuesday that it has an
update to its AVX software available that can identify the virus.
Unlike viruses such as Loveletter or Melissa, the Winux virus makes no attempt
to spread itself by e-mail. Implementing such a function in a way that would
run on both Linux and Windows systems represents a major challenge to virus
writers, according to André Post, senior researcher at the Symantec Corp.
antivirus research center in the Netherlands. However, the virus can still be
spread by users unwittingly sending infected applications such as animations
as e-mail attachments.
The biggest risk is if the virus manages to infect a file in a shared directory
on a server, Post said.
He described Winux as a "proof of concept," not a serious threat,
but nevertheless Symantec also is working on an update for its virus scanning
software that will detect the virus.
Because it is such a slow spreader, the chances of the Winux virus reaching
a Linux server are remote, Post said, although it could possibly infect Linux
applications on dual-boot systems with both Windows and Linux operating systems
installed, even if the Linux operating system is not running at the time. Power