- Chapter 17: Viruses and Worms
- Objects at Risk of Virus Infection
- Who Writes Viruses, and Why?
- Anti-Virus Utilities
- Future Trends in Viral Malware
- Publications and Sites
- Summary
Objects at Risk of Virus Infection
Thousands of new viruses have been reported in recent years. Viral mechanisms differ widely, and any type of file can be affected. However, viruses can only spread when code is executed, which means that only files or other objects (such as the boot sector) containing executable code can be carriers for further infections. This doesn't mean, however, that only binary executable files such as DOS/Windows .EXE and .COM files can be infected.
Some data files can also contain executable code in the form of embedded macros. At present, Microsoft Office includes two of the applications (Word and Excel) that are most vulnerable to virus attacks that take advantage of interpreted macro/scripting languages, such as Visual Basic for Applications and its siblings. Although macro viruses are possible (and exist) for non-Microsoft applications, word processors that store macro code in separate files rather than within document files are arguably less vulnerable. People are far less likely to swap macros than documents.
Shell scripts, batch files, interpretable source code, even Postscript files also contain executable code and could, in theory, be vulnerable to virus attack. The likelihood of such an attack depends on a number of factors, however, such as the popularity of the platform and the access controls native to the operating environment. The restricted write access allowed to unprivileged accounts in a multiuser environment like UNIX or NT does tend to impede the spread of viruses and Trojans in such environments. However, it would be unwise to rely exclusively on this fact for protection of such systems. Some of the earliest experiments with viruses were, in fact, made on UNIX systems.