[Lazarus] delphi - virus
Bruce Tulloch
bruce at causal.com
Fri Aug 21 03:08:07 CEST 2009
Some more information on this...
Its propgation mode is that it changes sysconst.dcu, and any app compiled and
subsequently run on a machine which has delphi installed has its sysconst.dcu
infected. Fixing is easy, as your original sysconst.dcu is renamed sysconst.bak,
so you just switch it back and make the directory non-writable.
Details at:
http://www.symantec.com/security_response/writeup.jsp?docid=2009-081816-3934-99
Cheers, Bruce.
PS: of course it does not affect Lazarus :-)
waldo kitty wrote:
> Martin wrote:
>> Just something I found:
>>
>> http://www.h-online.com/security/Virus-infects-development-environment--/news/114031
>
>
> speaking as one who spends a lot of time on security aspects like
> this, i thank you for posting it... similar things have actually
> occurred in the past but there was not the available coverage such as
> we have today so their existence was not widely known and those who
> did get hit with such a critter quietly cleaned up their installations
> and released new versions to replace the infested ones...
>
> FWIW: i recall a TP/BP6 and TP/BP7 critter of such fame way back in
> the day...
>
> --
> _______________________________________________
> Lazarus mailing list
> Lazarus at lists.lazarus.freepascal.org
> http://lists.lazarus.freepascal.org/mailman/listinfo/lazarus
More information about the Lazarus
mailing list