MSW3c down, Virus found!

CobraBoy (
Wed, 23 Oct 1996 09:00:05 -0700

Remember they are your friends. This shouldn't be news to anyone since in
many people's opinion Ms has been shipping Virii in one form or another for
years. :-)

>Microsoft Ships Developers
> 2 Virus-Infected CD-ROMs
> Thousands of software developers and trainers around
>the world received
> limited-production Microsoft CD-ROMs infected with a
>little-known virus in the last
> two months, the company has acknowledged.
> Subscribers to
>Microsoft Corp.'s "Solution Provider
> CD" -- all of whom
>are software and systems
> professionals -- have
>been warned that Microsoft,
> the world's largest
>publisher of software for
> personal computers,
>discovered a virus on
> thousands of CD-ROMs
>it had distributed to them
> in September and
> Microsoft emphasized
>on Tuesday that none of its
> consumer products had been infected by the virus.
> The infection, known as the Wazzu virus, was accidentally
>replicated in a file that was
> included on approximately 14,000 "SPCDs," as the company
>calls special CD-ROMs that it
> ships each month to domestic and international systems
>professionals. "Solution providers"
> is Microsoft's term for consultants who integrate the
>company's products into the computer
> systems of business customers.
> The Wazzu, which does not destroy any data on the infected
>computer, is a so-called Word
> macro virus. Like its better-known Word-macro cousin, the
>Concept virus, the Wazzu is a
> small program that attaches itself to Microsoft Word documents.
> According to McAfee Associates, the anti-virus software
>vendor based in Santa Clara, Calif.,
> when an infected file is opened, the virus automatically
>inserts the word Wazzu within the
> text and/or rearranges as many as three words.
> In an informational document about Wazzu, McAfee also
>reported that files infected by the
> virus "insist on being saved in the templates directory."
> Wazzu, like all Word macro viruses, can be spread through
>Windows-based e-mail software,
> according to McAfee.
> Steven Fox, a marketing manager in Microsoft's organization
>customer unit, said that the
> virus on Microsoft's SPCD was located in one of 122 files on
>the disc. The file, ED3905A.DOC,
> was a "solution in action case study" about the way
>Electronic Data Systems, the Dallas-based
> data processing giant, uses Microsoft's Exchange Server
> Fox said that EDS
>provided the file to Microsoft,
> but added that the
>virus could have originated at
> either EDS or
>Microsoft. It was duplicated with
> each disc that was
>made. Although the disc
> replicating company
>hired by Microsoft normally
> runs an anti-virus
>diagnostic check of CD-ROMs
> prior to their
>release, Fox said that the Wazzu
> virus on the SPCD was
>missed because it was
> newer than the
>anti-virus software used by the
> replicator, whom
>Microsoft did not name.
> Approximately 5,500
>solution providers in North
> America received
>infected discs in September and
> October, and about 4,000 more recipients abroad got infected
>discs in September only, the
> company said. Microsoft has approximately 12,000 solution
>providers worldwide.
> Neither the October international SPCD nor any of the
>November SPCD's were infected, Fox
> said.
> Microsoft was informed of the virus problem by one of its
>solution providers in early
> October, and the company now says that all solution
>providers have been alerted and given
> advice about how to deal with it. The alert was provided in
>SPIN, a private forum for
> solution providers on the Microsoft Network.
> Fox speculated that few recipients had been stung by the
>virus because the infected file was
> obscure, "embedded within another document."
> "Only a handful of solution providers would have actually
>opened the file and would have
> been exposed to the virus," he said.


"The Internet is the first thing that humanity has built that humanity doesn't understand." ...Eric Schmidt, Sun Microsystems

<> <>