When is a virus not a virus?

When it doesn’t spread.


There’s been a lot of press devoted of late to this “Word zero-day vulnerability“, some of it even referring to this as a virus.


While it seems that the exploit in use could be further exploited in order to make this into a virus, the particular attack in question is being used for a very targeted attack against a small set of targets.


So, don’t panic into thinking that you need immediate and urgent protection right now. There are very, very few cases of this that have been discovered even by those that are actively looking for it with full knowledge of what they are looking for.


What’s my take on this?


It’s a great opportunity to remind your users that they still need to pay attention to the usual methods of incursion – peer-to-peer “file sharing” (or, if you prefer, “theft”); attachments to emails; active content on web-sites of dubious provenance; the latest “gotta see this animation” or “gotta play this Flash game”; etc. Note that many of these infection vectors are contingent on you being so excited about, as Jesper and Steve put it, “seeing the naked dancing pigs”, that you will approve any elevation of privilege required to do so. It’s simply a rich irony that schemes designed to make you want something this bad, and using your friends and co-workers to egg you on, are called “viral marketing”.


The more you are being persuaded by peer pressure, the more you want to ask yourself “have I assessed the risks of this?”


Your mother always warned you, after all, “if everyone else wanted to jump off a cliff, would you?”


I’m the lone lemming, thinking to myself “I don’t really know if it’s a good idea to go cliff-diving right now – can I even swim?”

One thought on “When is a virus not a virus?”

  1. “When is a virus not a virus? When it doesn’t spread.”

    Virus … With this word, sec firms earn so much money that they find the opportunity to

    I hope securityfirms and FUDers won’t forget that point when future new “viruses” will be discovered on (especially for) Linux (cause i use it) but for other systems too (cause most people use them).

    Nice blog, Alun.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>