Austrian virus writers have developed malicious code
that targets Windows PowerShell, the new command line interface
shell and scripting language being developed by
Microsoft.
Internet security software firm McAfee has detected the
MSH/Cibyz worm. MSH/Cibyz is designed to be spread using the Kazaa
peer-to-peer file-sharing network, with the worm running in
PowerShell.
PowerShell is due to ship later this year and will be used in
products such as Exchange Server 2007.
The worm abuses PowerShell’s ability to execute scripts, by
attempting to trick users into downloading and running malicious
code.
To do this, it uses a series of product names that may be
attractive to Kazaa users.
When run, the worm will overwrite some file types, change
registry details and place itself in the machine's Kazaa shared
folder, where it can be further spread to other users.
McAfee warned users to be cautious about what files they allow
onto their machines from file-sharing networks.
Vote for your IT greats
Who have been the most influential people in IT in the past 40
years? The greatest organisations? The best hardware and software
technologies? As part of Computer Weekly’s 40th anniversary
celebrations, we are asking our readers who and what has really
made a difference?
Vote now at:
www.computerweekly.com/ITgreats