Automated infection gives worms the ability to cause a great deal of damage in a very short period of time. This is because the distinguishing characteristic of traditional worms is their ability to self-replicate automatically from host to host with no user interaction. The fact that the worm is written in PowerShell rather than another scripting language or even as an executable has actually made it even harder for this virus to spread since the additional security features around PowerShell scripts result in many additional steps for the user to perform before an infection can take place.Īmong the various types of malicious code in existence, worms raise a great deal of attention and anxiety among the computing public. This is a proof-of-concept virus whose “Worm” replication mode is just a simple file copy and could have been implemented in any language which supports copying files. It is important to note that the PowerShell Worm will not work and cannot infect Windows PowerShell in its default configuration. There has been some confusion and concern around the classification of this malicious script as a worm as well as questions about the risk. You can read their analysis in the Malicious Software Encyclopedia.Ī “ PowerShell Worm” has recently been reported by several antivirus companies and some news organizations. 5th, 2006: The Microsoft security folks have finished their full technical analysis of the worm.
0 Comments
Leave a Reply. |