M$ slams F-Secure for Windows Vista virus report

Filed under
Microsoft

Contrary to what F-Secure suggested, MSH won't be part of Windows Vista, a spokeswoman for Microsoft told vnunet.com.

"The current plan is that Monad will not be included in the final version of Windows Vista. Monad is being considered for the Windows Operating System platform for the next three to five years," she said.

Instead, users will find "some of the technology" in the next version of Exchange that is due out in the second half of 2006, as we reported earlier. Microsoft hadn't previously given full disclosure about its plans not to include MSN in Vista.

MSH is a command-line shell tool that lets IT administrators manage as system. It is similar to the command shell in Unix, Linux and OS X.

A first beta of the technology was released in June. MSH isn't part of the Vista beta that was launched two weeks ago.

F-Secure in a blog posting on its website pointed to a proof of concept virus that an Austrian virus writer had developed. It has named the viruses Danom, using the reverse spelling of Monad.

Microsoft further undermined F-Secure's report by pointing out that the virus used a proven method to use command shells in all operating systems to launch a virus.

"The viruses do not attempt to exploit a software vulnerability and do not encompass a new method of attack," the spokeswoman said.

Backing up his company's official statement, a Microsoft developer by the name of Lee Holmes blased the report by F-Secure on his blog.

"It's a misleading title," Holmes said about F-Secure post, "as it's an issue that affects any vehicle for any executable code on any operating system."

In an email to vnunet.com, F-Secure's director of anti-virus research Mikko Hyppönen defended his original posting.

"I stand by my blog entry. Everything I wrote was accurate at the time of writing."

Full Article.