http://www.theregister.co.uk/content/8/18516.html By: John Leyden Posted: 25/04/2001 at 17:20 GMT A virus infection of security fix files on Microsoft's partner and premier support Web sites has forced the software giant to suspend certain downloads for more than a fortnight. Microsoft issued an alert on Monday, which states that various Hotfix files on its Premier Support and Microsoft Gold Certified Partners Web sites are infected with the FunLove virus. A copy of the notice said Microsoft has stopped access "in order to protect customers" to an unspecified number of files, and expects to be able to restore access later today. Customers were advised to contact their technical account manager in the interim. According to a copy of the notice sent to The Register: "Microsoft expects the FunLove infection period spanned approximately two weeks, from Friday, April 6, 2001 to Friday, April 20, 2001." Microsoft was able to say that a US hosting partner ran both sites and it wasn't able to put us in touch with someone familiar with the issue by the time we went to press. Eric Chien, chief researcher at Symantec's antivirus research centre, confirmed the information supplied by our informant and said the infection must have resulted in a breakdown of procedures that normally proceed the posting of software by Microsoft. Any software posted by Microsoft is normally scanned for virus using a variety of anti-virus software, he said, and in this case there must have being a "mix-up" coupled with the use of a virus infected PC in a test and development environment by Microsoft. Despite what is, by any standard, a monumental security cock-up by Microsoft, Chien said the problem is likely to have a "low impact" because FunLove is an older virus that almost all the security giants partners and enterprise customers are likely to be protected against. The FunLove virus stopped production at Dell for two days in November 1999 and the virus is considered a particularly nasty bug. In January this year Hewlett-Packard unwittingly distributed printer drivers corrupted by the FunLove virus. ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERVat_private with a message body of "SIGNOFF ISN".
This archive was generated by hypermail 2b30 : Thu Apr 26 2001 - 00:44:21 PDT