Last Updated: 2006-04-07 22:44:30 UTC
by Swa Frantzen (Version: 2)
The impact of the PoC at this point is very low in itself, but it is a sign the cross platform aspects are becoming important. As the developers of viruses continue to research this, we will see (more) cross platform malware come about in the future.
Even today websites sending exploits to their visitors tend to detect what browser/platform the visitor is using and send a matching exploit to install some malware and earn their quarter for each confirmed installation.
Planning ahead and also protecting the Linux, UNIX and Mac OS X, machines with anti-virus measures is a good thing to start on now if you haven't done so already.
Getting infrastructure that is fed signatures in an automated manner in place allows you to shorten the time needed to respond, even if the specific platform isn't targeted today. Since anti-virus measures are mostly reactive in nature, anything that makes your reactions faster is good.
- We know about the sadmin worm. It was cross platform between Solaris and Windows. Although there is a technical difference between a worm and a virus.
- Not running about as "root" or "Administrator" surely helps to protect your computer, but it does not and will not remove the ability of viruses to propagate to what you have access to. Only if you limit the user to have any change rights to all possible programs (including scripts and the like), will you be technically safe from viruses. Such a setup isn't likely to be usable on a general purpose computer anymore ... But if you can you might have a winner for protection against pure viruses.
There are no patches against viruses.
Swa Frantzen - Section 66