Microsoft shipments infected with Nimda
All of the Korean-language versions of Microsoft Corp.'s Visual Studio .Net developer tool shipped with a help file that is infected with the Nimda virus, company officials said Friday.
However, the application doesn't use the infected file so the risk of infection for users is virtually nil, Microsoft said.
And, even if a developer were to find and open the file, the version of Internet Explorer that ships with VS .Net is immune to Nimda, making it all the more unlikely that the virus could cause any damage to users.
"The risk is quite low, but we're taking the problem very, very seriously," said Chris Flores, lead product manager for VS .Net at Microsoft, based in Redmond, Wash. "We couldn't find any situations in which the developer could be infected."
Flores said the problem derives from an infected compiled help file that Microsoft's Korean sub-contractor sent the company. The compiled file contained several other files, some of which weren't scanned completely for potential problems.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.