On GameSpot: So-called 'Halo killer' gets 23 to life
BNET Business Network:
BNET
TechRepublic
ZDNet
55 TalkBacks

By Matt Hines
Posted on ZDNet News: May 27, 2004 7:39:00 PM

Security technology company Symantec reported Thursday that it has analyzed what it believes to be the first known threat to 64-bit Windows systems, a virus labeled W64.Rugrat.3344.

Representatives at the Cupertino, Calif.-based company were quick to point out that the threat was merely a so-called proof-of-concept virus--a worm developed by someone to show that vulnerabilities are present in a particular type of system--and not a virus already spreading in the wild. However, Oliver Friedrichs, senior manager of Symantec's Security Response Team, said W64.Rugrat.3344 can attack 64-bit Microsoft Windows files successfully. He said the virus does not infect 32-bit files and will not run on 32-bit Windows systems.

Since 64-bit systems have yet to proliferate widely, Symantec maintains that the virus does not yet represent a serious threat.

"We always see early adopters trying to find a way to attack new technology right away, as we did with 32-bit, so it's not surprising to see this," Friedrichs said. "But we do expect to see more of these, as 64-bit technology becomes more prominent."

The 64-bit market is expected to grow rapidly. By the end of next year, most Intel chips, will be 64-bit capable, and virtually all of rival Advanced Micro Devices' processors will be 64-bit chips.


Get Up to Speed on...
Enterprise security
Get the latest headlines and
company-specific news in our
expanded GUTS section.

Software titan Microsoft is also pushing the high-end market forward. Earlier this month, Chairman Bill Gates asked hardware makers to start writing 64-bit drivers for their software. Among the advantages of 64-bit software is the ability to gracefully accommodate more physical memory than the 4GB limit in 32-bit systems.

Symantec said it was not expecting widespread copycats of W64.Rugrat.3344, since the affected assembly code requires fairly advanced technical knowledge. Symantec said W64.Rugrat.3344 was created in IA64 (Intel Architecture) assembly code and infects IA64 executable files, excluding .dll files. The security specialists reported that W64.Rugrat.3344 also infects files that are in the same folder as the virus, as well as all files within related subfolders.

Symantec is currently updating its Norton AntiVirus product line to protect against W64.Rugrat.3344 and expects to have versions of the software armed to defeat the virus ready by the end of the day Thursday. The company earmarked the 64-bit virus as a Level 1, or the least dangerous sort of threat ranked on its five-tiered ratings system, but warned users to update their virus protection systems as quickly as possible.

Last week, Symantec announced plans to acquire Brightmail, a maker of tools for blocking spam and viruses, for $370 million.

Neither Microsoft nor Intel could immediately be reached for comment.

SponsoredWhite Papers, Webcasts, and Downloads

  • Talkback
  • Most Recent of 55 Talkback(s)
Well, well, well....
ONLY ON Microsoft's W-I-N-D-O-W-S

How pathetic! (Read the rest)
Posted by: Hard Cider Posted on: 05/30/04 You are currently: a Guest | | Terms of Use
Well, there goes the M$hill theory of "most popular=most attacked"  Xunil_Sierutuf | 05/27/04
Shows what you know!  ShadeTree | 05/27/04
May or may not be true but  Linux User 147560 | 05/27/04
Here's a thought  Phil Nospam | 05/27/04
PhilN, that's a far reaching thought  stephen732@... | 05/27/04
Simple  PA-ITGuy | 05/28/04
Not quite...  techboy_z | 05/28/04
Re: Not quite...  PA-ITGuy | 05/28/04
Windows programmers...  bjbrock | 05/28/04
Aboslutely True  ShadeTree | 05/28/04
True  Suicida| | 05/28/04
It is most popular  ITsucks | 05/27/04
easy  zijiang | 05/27/04
Was That Common Sense???  nikoli | 05/27/04
Easy ...  Ardian Daka | 05/28/04
Curious  vferrara | 05/27/04
Re-Read the article  DragonBRockin | 05/27/04
psst!  stephen732@... | 05/27/04
Puma my point is...  DragonBRockin | 05/28/04
So release first?  AvdHarg | 05/28/04
Uh...NO!  DragonBRockin | 05/28/04
This has to be....  ShadeTree | 05/27/04
Hahahah  nucrash | 05/27/04
IA64 not x86_64  Robert Crocker | 05/27/04
Blast, I didn't catch the IA64  nucrash | 05/28/04
Beta??  richdave | 05/27/04
Corrections  nucrash | 05/28/04
64-bitness  ma.rk | 05/28/04
I am the guy...  ShadeTree | 05/28/04
(NT)Or he might just work for a company that uses IA64 servers  toadlife | 05/27/04
I think Symantec wrote it!  Phil Nospam | 05/27/04
at least somebody caught that  neil ubich | 05/28/04
No skill, waiting for 64-bit Linux threats  FilledOut | 05/27/04
Keeping them for later  nucrash | 05/27/04
(NT)People that can program in IA64 assembly code have 'no skill'?  toadlife | 05/27/04
Have skills, but how much is necessary to attack Windows  FilledOut | 05/28/04
What is the vulnerability?  rapson | 05/27/04
There is none  toadlife | 05/27/04
W64.Rugrat.3344 details  B.O.F.H. | 05/27/04
Flaw in article  rpmyers1 | 05/27/04
if you want to nitpick  toadlife | 05/27/04
Beta virus  Anton Philidor | 05/27/04
Not a Beta Virus  ShadeTree | 05/28/04
Might want to squirrel those away  FilledOut | 05/27/04
There are none.  richdave | 05/27/04
With  michael-t | 05/27/04
MS has already too many vunerbilities  Ope | 05/28/04
well  Suicida| | 05/28/04
I don't get it  PA-ITGuy | 05/28/04
here you go  Suicida| | 05/28/04
Starting Early  xero11 | 05/28/04
Sorry, Bad Link . . .  xero11 | 05/28/04
How many?  gmyx | 05/28/04
Most of them  neil ubich | 05/28/04
Well, well, well....  Hard Cider | 05/30/04

What do you think?

advertisement
Click Here
advertisement

White Papers, Webcasts, and Downloads

SmartPlanet

Click Here