10 January 2002 The first computer virus specifically designed to target software giant Microsoft’s .Net web services technology has emerged. The W32.Donut virus, which originated in the Czech Republic, provides Microsoft with a glimpse of the type of threat it will need to overcome if it is to realise its web services ambitions.
The virus is not particularly virulent and non-.Net files are not believed to be at risk from the Donut virus, which is spread by users moving files to from one computer to another. This can be done by email or by inadvertently downloading Donut from a website. The most virulent viruses are spread automatically by email.
In September 2001, Microsoft released its Windows XP Professional product, which is the first version of its Windows operating system to include support for the .Net framework. Microsoft’s .Net framework includes protocols for discovering software components, data and services over the Internet, based on XML.
But industry experts agree that Donut does not pose any serious threat. Anti-virus software vendor McAfee assesses its risk as “low”. Analysts say that it represents more of a “proof of concept” that indicates that hackers are already examining web services technology for vulnerabilities.
According to the web site of the security group, Anti-virus Emergency Response Team, Donut was mainly written in Win32 computer assembly language and Microsoft Intermediate Language (MSIL), the byte code into which applications are compiled before being run within Microsoft’s .Net framework.
Analysts expect the introduction of web services to exacerbate the number of hacking attacks because they will increase the reliance on HTTP mechanisms which are used to carry out online application transactions, says Gartner analyst John Pescatore. Around 75% of attacks are now targeted at the application layer, he adds.