MS distributes Nimda to Korean .NET developers
Somehow or other the Nimda worm has found its way into a file which Microsoft is distributing to developers in Korea.
"The Nimda virus has been detected within one of the compressed help files included in the Korean language version of Application Center Test (ACT). ACT is a component of the Korean language versions of the Visual Studio .NET," MS explains.
However, it's nothing to worry about. They've analyzed a few scenarios and they don't see a problem. "In all analyzed scenarios, Microsoft considers the likelihood of activating the virus to be extremely low, if not impossible."
As for how the file found its way into their distribution channels, the company is silent. Nimda works by exploiting security flaws in Microsoft IIS, though there are patches for the holes it uses. One is tempted to wonder if Microsoft's "Trustworthy Computing" revolution means applying their own patches to their own kit.
The dirty file affects Visual Studio .NET Enterprise Architect, Visual Studio .NET Enterprise Developer, Visual Studio .NET Professional, and Standard editions of all Microsoft developer tools, including Visual Basic .NET, Visual C++ .NET, and Visual C# .NET, involving Win-NT 4.0, 2K and XP, the company says.
There is now an update which the company says will remove the infected file, posted here. It probably wouldn't be a bad idea to run a commercial virus scanner afterwards, just to be sure the infection hasn't spread. ®