Computer virus

:This article is concerned with malicious computer programs; for other uses of the term see virus (disambiguation). An extensive treatment of the pluralization of the word "virus" in English is found in the article Plural of virus.

Viruses and legitimate software

The vulnerability of operating systems to viruses

Another analogy to biological viruses: just as genetic diversity in a population decreases the chance of a single disease wiping out a population, the diversity of software systems on a network similarly limits the destructive potential of viruses.

~ ~ ~ ~ ~ ~ ~ ~ ~ ~

This became a particular concern in the 1990s, when Microsoft gained market dominance in desktop operating systems and office suites. Users of Microsoft software (especially networking software such as Microsoft Outlook and Internet Explorer) are especially vulnerable to the spread of viruses, since Microsoft software often includes many errors and holes. Integrated applications, applications with scripting languages with access to the file system (for example Visual Basic Script (VBS), and applications with networking features) are also particularly vulnerable. Microsoft's software is also targeted by virus writers because of their desktop dominance.

Related Topics:
Microsoft - Office suite - Microsoft Outlook - Internet Explorer - Visual Basic Script

~ ~ ~ ~ ~ ~ ~ ~ ~ ~

Although Windows is the most popular operating system for virus writers, some viruses also exist on other platforms. It is important to note that any operating system that allows third-party programs to run can theoretically run viruses. However, some operating systems are less secure than others. Unix-based OSes (and NTFS-aware applications on Windows NT based platforms) only allow their users to run executables within their protected space in their own directories.

~ ~ ~ ~ ~ ~ ~ ~ ~ ~

A well-patched and well-maintained Unix system is very well-secured against viruses. Windows has the same type of scripting ability as Unix based systems, but doesn't natively block normal users from executing such scripts written by a third-party as Unix does for users who are not running as root. More recently, Microsoft's Outlook (but not Outlook Express) e-mail client has developed similar features when dealing with executable file types that Outlook may download as attachments. Ordinary users would do well to patch their operating systems and e-mail clients to prevent viruses and worms from reproducing through security "holes" which prudence and virus scanners are unable to prevent.

~ ~ ~ ~ ~ ~ ~ ~ ~ ~

The role of software development

Because software is often designed with security features to prevent unauthorized use of system resources, many viruses must exploit software bugs in a system or application to spread. Software development strategies which produce large numbers of bugs will generally also produce potential exploits.

~ ~ ~ ~ ~ ~ ~ ~ ~ ~

Closed-source software development as practiced by Microsoft and other proprietary software companies is also seen by some as a security weakness. Open source software such as Linux, for example, allows all users to look for and fix security problems without relying on a single vendor. Some advocate that proprietary software makers practice vulnerability disclosure to ameliorate this weakness.

Related Topics:
Proprietary software - Open source - Vulnerability disclosure

~ ~ ~ ~ ~ ~ ~ ~ ~ ~

Anti-virus software and other countermeasures

Many users install anti-virus software that can detect and eliminate known viruses after the computer downloads or runs the executable. Some virus scanners can also warn a user if a file is likely to contain a virus based on the file type; some antivirus vendors also claim the effective use of other types of heuristic analysis. Some industry groups do not like this practice because it often increases the number of false positives the anti-virus software detects. They work by examining the contents of the computer's memory (its RAM, and boot sector) and the files stored on fixed or removable drives (hard drives, floppy drives), and comparing those files against a database of known virus "signatures". Some anti-virus programs are able to scan opened files in addition to sent and received emails 'on the fly' in a similar manner. This practice is known as "on-access scanning." Anti-virus software does not change the underlying capability of host software to transmit viruses. There have been attempts to do this but adoption of such anti-virus solutions can void the warranty for the host software. Users must therefore update their software regularly to patch security holes. Anti-virus software also needs to be regularly updated in order to gain knowledge about the latest threats and hoaxes.

Related Topics:
Anti-virus software - Downloads - File type - RAM - Boot sector - Database - Patch

~ ~ ~ ~ ~ ~ ~ ~ ~ ~