Any information from virus vendors should be viewed with skepticism. It make sense to compare several sources of information especially if you do not have a sample of a particular virus and unable to analyses it yourself. Often they overestimate the danger and do not mention a limitations of a particular virus
Questions to be asked depend on the type of the virus. for file virus or executable file based Trojan it make sense to try to find an answers on the following questions:
- Is it working in NT environment or particular version of Windows that I use?
- Is it depends of service packs installed (viruses are usually highly specialized program and virus authors usually do not test them in different environments)?
- Does it depends on DLL installed and if yes on what DLL?
- For macro viruses the questions to be asked include:
- Is it really working on the version of MS Office that I/my organization use (most early macro viruses do not work with Office 97 and Office 2000)?
- Is it a specific mailer program or version of MAPI dependent ? Does the virus/worm propagate in a particular version of messaging software? For example if you use Netscape Messenger or Notes instead of Outlook as a mail client, then Melissa represents much less danger — you still can pass it to your friends for forwarding a particular attachment, but that’s it — your computer will never redistribute the virus automatically as was intended by the virus author.
- Is it too buggy to propagate?
Previous Page
Next Page