Potential New Viruses
Posted on: May 20, 2011
OLE2 Virus
- This type of virus could easily spread by disguising itself as an OLE2 server of any common service.
- Then, when an OLE2 client asks an OLE2 server to provide this common service, the virus could actually gain control.
- It could propagate itself to other files or computers, then run the original OLE2 server it replaced. The application wouldn’t even know that it was talking with a virus rather than the actual OLE2 server.
- And if the OLE2 server were on a completely different network computer, the virus could quickly spread itself throughout the network.
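One way a defender could check for the server substitution described above, added here as an example that is not part of the original post: compare the binaries registered as OLE2/COM servers against a known-good baseline. It assumes servers are registered under `HKEY_CLASSES_ROOT\CLSID\{...}\InprocServer32` or `LocalServer32` and that a trusted `.reg` export exists; the CLSIDs, paths and both exports below are constructed sample data.

```python
import re

# Section header of a COM/OLE2 server registration key in a .reg export.
KEY_RE = re.compile(
    r'^\[HKEY_CLASSES_ROOT\\CLSID\\(\{[0-9A-Fa-f-]+\})\\(InprocServer32|LocalServer32)\]$',
    re.IGNORECASE)
# Default value of that key: the path of the server binary.
DEFAULT_RE = re.compile(r'^@="(.*)"$')

# Constructed sample exports (placeholder CLSIDs and paths, not real software).
BASELINE = r'''
[HKEY_CLASSES_ROOT\CLSID\{00000000-0000-0000-0000-000000000001}\LocalServer32]
@="C:\\Program Files\\Example\\server.exe"
[HKEY_CLASSES_ROOT\CLSID\{00000000-0000-0000-0000-000000000002}\InprocServer32]
@="C:\\WINDOWS\\SYSTEM\\example.dll"
'''
CURRENT = r'''
[HKEY_CLASSES_ROOT\CLSID\{00000000-0000-0000-0000-000000000001}\LocalServer32]
@="C:\\WINDOWS\\TEMP\\server.exe"
[HKEY_CLASSES_ROOT\CLSID\{00000000-0000-0000-0000-000000000002}\InprocServer32]
@="c:\\windows\\system\\EXAMPLE.DLL"
[HKEY_CLASSES_ROOT\CLSID\{00000000-0000-0000-0000-000000000003}\InprocServer32]
@="C:\\WINDOWS\\SYSTEM\\other.dll"
'''

def parse_servers(reg_text):
    """Return {(clsid, server_kind): path} from .reg-style export text."""
    servers, current = {}, None
    for raw in reg_text.splitlines():
        line = raw.strip()
        key = KEY_RE.match(line)
        if key:
            current = (key.group(1).upper(), key.group(2).lower())
        elif line.startswith("["):
            current = None  # unrelated key: ignore its values
        elif current and DEFAULT_RE.match(line):
            path = DEFAULT_RE.match(line).group(1)
            # .reg escapes backslashes; Windows paths compare case-insensitively
            servers[current] = path.replace("\\\\", "\\").lower()
    return servers

def diff_servers(baseline_text, current_text):
    """List registrations that are new or now point to a different binary."""
    base, cur = parse_servers(baseline_text), parse_servers(current_text)
    findings = []
    for key, path in sorted(cur.items()):
        if key not in base:
            findings.append(("new", key[0], key[1], path))
        elif base[key] != path:
            findings.append(("changed", key[0], key[1], path))
    return findings
```

This flags only a redirected or newly added registration; a server binary overwritten in place keeps its registered path and needs file hashing against the same baseline.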
Extension virus
- Another possible type of virus is a shell extension virus.
- Microsoft has made the shell in Windows 95 completely extensible to allow for customization. Technically, a virus could be one of those extensions.
- Windows 95 requires no validation for shell extensions, so a virus could be written as an extension that could gain control and propagate itself.
Virtual Device Driver (VxD) virus
- Another type of virus that could become popular is a Virtual Device Driver (VxD) virus.
- A Windows 95 VxD has complete control over the entire computer system.
- It can write directly to a hard disk if programmed to do so. It has the same privileges as the Windows 95 kernel, so it has a wide latitude of control over the system.
- With Windows 95, Microsoft has added the ability to load VxDs dynamically—a VxD doesn’t need to be in memory at all times, but only when needed. That means that a virus could have a small amount of code that activates a dynamic VxD, which could then cause severe disruptions to the computer. Because there are no restrictions on what it can do, a VxD virus could bypass any type of protection mechanism you may have employed.
- Another area that may present new opportunities for viruses is the proliferation of easy-to-use programming tools for Windows.
- In the past, virus writers required a more intimate knowledge of assembly language and the operating system to create TSRs to propagate.
- For Windows, viruses can be written in high-level languages with visual programming toolkits by more novice programmers. These viruses are also harder to detect since they look very much like all the other programs a user is running.