Virus writers target Windows PowerShell

By Derek Sooman on August 2, 2006, 6:36 AM
One of the things that annoys me most about trying to use Windows for anything serious (i.e. not just playing games, movies, mp3s, surfing the Net, etc) is its lack of a good command line and scripting language; batch is awful. Recently I had to write a script in batch (in anger) and was amazed at just how completely rotten it was. Things I could accomplish in Perl in one line were taking five lines of code plus, and sometimes things seemed not to work for no good reason at all that I could discern.

Microsoft seem to have recognised the need for a decent command line and scripting language in Windows, and as such have begun working on the Microsoft Command Shell (MSH), aka Monad, now known as PowerShell. PowerShell is a lot more like the sort of command line and scripting technology you would expect from UNIX shells like BASH - it's smart, versatile and does some right groovy tricks (like allowing you to explore the registry as if it's a file system, etc.). PowerShell will likely be making its debut proper in Vista, but you can download beta versions right now and install them on XP if you want (which I did). It might wind up being released as a separate product to Vista. All in all, it’s a very good step in the right direction for Microsoft.

However, with the herald of this new technology comes a new threat - an Austrian group of virus writers has published new proof-of-concept malware code that uses PowerShell. Dubbed the MSH/Cibyz worm, the malware attempts to spread via the Kazaa P2P file sharing application, and users who are silly enough to open such files will be infected. As a proof-of-concept worm, the code does little more than drop a copy of itself in shared folders used by Kazaa, but nevertheless it highlights the potential for havoc which PowerShell represents.

A Microsoft spokesperson told vnunet.com that it is aware of the worm and stressed that the virus doesn't exploit any vulnerabilities in its software.

"Microsoft recommends consumers do not accept files from un-trusted sources and should use up-to-date third-party anti-virus products," he added.




User Comments: 9

slake said:
Most people who use Windows do in fact consider what they are doing as serious WITHOUT the need for scripting. For example, my daily professional use is Flash, Photoshop and AfterEffects work. No need for scripting. I think this article is nothing but anti-MS babble. Now go sit down.
Phantasm66 said:
Actually, I feel that Flash, Photoshop and AfterEffects is not really computing, it's computer aided multimedia. Computing is hardware, software, programming, databases, etc. If you are interested in things like these you will quite quickly realise that Windows and Windows applications are often behind in a number of key areas. You'll note that I said "one of the things" - lacking good scripting is only one reason that Windows falls down when doing "real" computing tasks as opposed to user tasks like multimedia, burning CDs, playing games, etc where of course it wins hands down. Of course lacking scripting does not matter for you but for someone who is a true computer scientist it is a serious deficiency. [Edited by Phantasm66 on 2006-08-02 15:33:33]
Phantasm66 said:
[quote]For example, my daily professional use is Flash, Photoshop and AfterEffects work.[/quote] and call me crazy but I was under the impression that people really into those things used Macs. [quote]I think this article is nothing but anti-MS babble. Now go sit down.[/quote] I never cease to find it amazing that when I write anything remotely negative about Microsoft it instantly gets mistaken as some kind of Anti-MS crusade; I am above these things. I love all computing and value Microsoft and Windows XP just as much as I do Linux, vi and Perl. Man, the other day I wrote a story that called Richard Stallman a bit of a nutter and no one even blinked. [url]http://www.techspot.com/news/22385-torvalds-blasts-gpl-version-3.html[/url] [Edited by Phantasm66 on 2006-08-02 15:41:48]
slake said:
[quote] "and call me crazy but I was under the impression that people really into those things used Macs." [/quote] Hardly. Our advertising firm does all what you call "multimedia" on Windows. It's the most logical. We develop for 95% Windows machines so why not build it in Windows. Less headaches. Faster Production. More software choices. Your impression is a result of your inability to separate fact from fiction you see on TV and read in blogs. [quote] “If you are interested in things like these you will quite quickly realise that Windows and Windows applications are often behind in a number of key areas” [/quote] I’m more than interested friend. It’s been my profession for the last 10 years. Windows may be behind a bit in the fancy GUI department but not in functionality and choice. We use so many tools to produce our end result. Not a chance on anything else. [quote] “Actually, I feel that Flash, Photoshop and AfterEffects is not really computing, it's computer aided multimedia. Computing is hardware, software, programming, databases, etc.” [/quote] We use the tools of the trade to produce products for our customers. We most certainly “program” in flash via Actionscript. We also tap into the Windows API via MDMscript. I’ve heard of CADCAM (computer aided drafting and computer aided manufacturing) but not CAM (computer aided multimedia)! That’s a hoot! We also tap into databases on a regular basis with our programs. Just because we don’t “always” write line for line code doesn’t mean we don’t compute.
Phantasm66 said:
I agree with some of the things you are saying but I think you would do well to avoid sweeping statements like: "I think this article is nothing but anti-MS babble," and "Your impression is a result of your inability to separate fact from fiction you see on TV and read in blogs."
Phantasm66 said:
Additionally, I want to point out that there is nothing anti-Microsoft about me at all. I am into all computing. Some things have their strengths, and their weaknesses. When I post articles that criticise the methods of the RIAA and MPAA, no one accuses me of supporting copyright theft. When I write articles that talk about new viruses and malware, no one tries to say I support cracking. When I wrote a story last year that heavily criticised Cisco for their handling of a security flaw that was found, no one accused me of being anti-Cisco. And yet as soon as you say that some Microsoft technology is lacking or deficient, people brand you a Microsoft hater. It's kind of sad.
spike said:
I've never understood why there are people that so ardently support and stand up for Microsoft - with so many users, I would have thought that MS could easily stand up for itself, and that the situation is self-evident.
Mictlantecuhtli said:
The PowerShell looks promising, I'm testing it too. It's going to take some time to learn it though. Remains to be seen how many users will report strange behaviour when scripts change windows and send keystrokes to applications... It's quite handy for sysadmins dealing with many computers at once.
Phantasm66 said:
I just don't have time right now to learn PowerShell - I'm busy getting to advanced Perl stuff, Websphere and trying to learn some stuff about Oracle. So much technology, so little time.