The first macro virus to infect the most popular PC-based computer-aided design software program, AutoCAD, has been discovered.
vnunet.com, 21 Jul 2000
The first macro virus to infect the most popular PC-based computer-aided design (CAD) software program, AutoCAD, has been discovered.
The ACAD.Star macro virus is just 568bytes in length and infects AutoCAD version 2000, which is widely used throughout the world for architectural design, cartography, movie and computer games production. Experts said it does not pose a significant threat to users because it is not spreading.
The virus, written in Visual Basic Application (VBA), is primitive not only because of its length, but functionality as well. According to Russian antivirus software vendor Kaspersky Lab, which discovered the virus, its writers made some fatal mistakes, which nearly disable the virus' capabilities for proliferating under normal operating conditions.
"We classify this as a 'first try', which, as is known, are not always successful," said Eugene Kaspersky, head of antivirus research at Kaspersky Lab. "However, the discovery of this virus demonstrates security breaches in AutoCAD, which used to be virusless up to quite a recent time. We consider that these vulnerabilities could be further exploited by other AutoCAD viruses - more vital and even dangerous."
Eric Chien, chief researcher at Symantec's European antivirus research labs, said the security community had expected the appearance of viruses on AutoCAD since Autodesk licensed Microsoft's VBA macro-programming language for use in the software. He said the AutoCAD macro virus used the same sort of code as those found in Word or Excel macro viruses.
"The virus copies itself from one AutoCAD project to another, potentially infecting other projects," said Chien. However, unlike Word or Excel, AutoCAD holds macros separate to a project, and it is unlikely that the virus will spread as rapidly, he added.
"Microsoft made a decision based on a trade-off between functionality and security in incorporating macros in Word and Excel files."
Protection against the ACAD.Star virus has been added to Kaspersky Lab's AntiViral Toolkit Pro security software, and other vendors said the next scheduled update to their virus definitions would recognise the macro.
Sophos's 24-hour technical support team has seen a notable increase in virus hoaxes lately. Not only are more hoaxes being reported but the new ones also seem to be becoming increasingly far fetched. Yet, no matter how bizarre and improbable they sound, people still fall for them.
Symantec's purchase of Axent Technologies last week has sparked concern in both vendors' channels.
More than 450 viruses are born each month with the potential to destroy applications and operating systems. The last week alone has seen two potentially dangerous 'Trojan Horses' rear their heads.
Microsoft has warned that Outlook and Outlook Express users could become infected by email viruses before they open or preview infected messages.
V3.co.uk gets a walk through of the Hero, which includes HTC's new Sense overlay for Android
First Looks Editor Ian Williams gets hands on with the Sony Ericsson Xperia X1
NetGear's four-bay compact network-attached storage gets a serious speed boost
Do you agree?
Have your say on this article