funsec mailing list archives
RE: 13-year old boot sector virus shipped on German laptops
From: <Toralv_Dirro () McAfee com>
Date: Mon, 17 Sep 2007 21:49:37 +0100
Boot sector viruses don't spread easily (read: 'at all') under current operating Systems. Doesn't matter if there is a floppy or not INT 13 is all they know and care about, all real 32bit OS use their own drivers, not the BIOS to adress floppies. They get killed during the startup of the OS. cheers, Toralv PS: I did blog about it somewhere here: http://www.avertlabs.com/research/blog :)
-----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Juha-Matti Laurio Sent: Sonntag, 16. September 2007 01:12 To: funsec () linuxbox org Subject: [funsec] 13-year old boot sector virus shipped on German laptops Some references: http://sunbeltblog.blogspot.com/2007/09/german-computer-maker- ships-laptops.html http://www.virusbtn.com/news/2007/09_14.xml http://www.medion.de/popup_md96290.htm http://www.bullguard.com/support/tech-guides/how-to-remove-sto
nedangelina.aspx
After digging the specifications from Medion's site it appears that these models (MD 96290 Notebook) don't include a floppy drive: http://www.medion.de/md96290/nord/_content/techdetails/index.html This is the only good news, the virus can't spread so easily. I have written this entry http://blogs.securiteam.com/?p=998 too and posted the case to /. http://it.slashdot.org/article.pl?sid=07/09/15/1623230 - Juha-Matti _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Firmensitz: Muenchen Amtsgericht: AG Muenchen Handelsregister: HRB 144340 Geschaeftsfuehrer: Eric F. Brown, Anthony E. Ruiseal Bankverbindung: ABN-Amro Bank N.V. Konto 671 211 9006 UST-ID: DE168122444 _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- 13-year old boot sector virus shipped on German laptops Juha-Matti Laurio (Sep 15)
- RE: 13-year old boot sector virus shipped on German laptops Richard M. Smith (Sep 15)
- RE: 13-year old boot sector virus shipped on German laptops Toralv_Dirro (Sep 17)
- Re: 13-year old boot sector virus shipped on German laptops Valdis . Kletnieks (Sep 17)
- RE: 13-year old boot sector virus shipped on German laptops Toralv_Dirro (Sep 17)
- Re: 13-year old boot sector virus shipped on German laptops Valdis . Kletnieks (Sep 17)
- <Possible follow-ups>
- RE: 13-year old boot sector virus shipped on German laptops Gregory Hicks (Sep 15)
- RE: 13-year old boot sector virus shipped on German laptops Juha-Matti Laurio (Sep 17)
- RE: 13-year old boot sector virus shipped on German laptops Toralv_Dirro (Sep 17)