Antivirus software manufacturers are reporting the appearance of the first virus to infect applications on systems running either Linux or Microsoft Windows -- although it presents little danger, they say.
The virus, known variously as W32.Winux, Linux.PEElf.2132, Linux.Winux or W32/Lindose, is carried in Linux or Windows executable files, and when an application infected with it is run, it spreads to other executable files in the same or adjacent directories in the file system.
The virus originated in the Czech Republic, according to antivirus software vendor Central Command Inc., which said in a statement Tuesday that it has an update to its AVX software available that can identify the virus.
Unlike viruses such as Loveletter or Melissa, the Winux virus makes no attempt to spread itself by e-mail. Implementing such a function in a way that would run on both Linux and Windows systems represents a major challenge to virus writers, according to André Post, senior researcher at the Symantec Corp. antivirus research center in the Netherlands. However, the virus can still be spread by users unwittingly sending infected applications such as animations as e-mail attachments.
The biggest risk is if the virus manages to infect a file in a shared directory on a server, Post said.
He described Winux as a "proof of concept," not a serious threat, but nevertheless Symantec also is working on an update for its virus scanning software that will detect the virus.
Because it is such a slow spreader, the chances of the Winux virus reaching a Linux server are remote, Post said, although it could possibly infect Linux applications on dual-boot systems with both Windows and Linux operating systems installed, even if the Linux operating system is not running at the time. Power users beware!
Central Command, in Medina, Ohio, can be reached at +1-330-723-2062 or at http://www.centralcommand.com/. Symantec, in Cupertino, California, can be reached at +1-408-253-9600 or at http://www.symantec.com/.