Delphi Handbooks Collection


Delphi XE Handbook


Delphi 2010 Handbook


August 21, 2009

More on the Delphi Virus Alert

Yesterday there was a flurry of posts regarding the Delphi virus alert regarding W32/Induc-A. Some are worth referring, as the overall discussion this has started is quite interesting (and rather high level).

Yesterday there was a flurry of posts regarding the Delphi virus alert regarding W32/Induc-A. Some are worth referring, as the overall discussion this has started is quite interesting (and rather high level). Here is a list of relevant posts:

  • First of all, Embarcadero is full aware of this, and Allen Bauer has posted a very interesting blog entry, A Tempest in a Teapot or something more sinister?, about the problem. Allen says:"At this point, here at Embarcadero, we’re actively analyzing situation and overall impact to our community. We’re also working on recommendations about how to find out if you’re infected and what to do once you see that you are. Throughout all this we’re working on recommended steps can you take to guard against re-infections."
  • Craig Stuntz has a very nice post referring to Ken Thompson’s Turing Award Speech, which I find very intriguing. For one of my major applications I compile in a dedicated virtual machine I never touch, to avoid any unrelated side effect in chages I'd to to components or other configuratiojn issues. This is much easier to do as that's a Linux program compiled with Kylix.
  • There is a good summary (with interesting suggestions) on Tim Anderson blog, #34ing also my previous post.
  • The article on The Register has an interesting set of comments, including one by product manager Micheal Rozlog.
  • Thomas Pfister has a first hand account.

Again, the virus itself is not apparently producing any real damage, rather than spreading itself to Delphi installations. If you are currently compiling from old versions of Delphi (4 to 7) check your installation or test with an anti-virus one of the programs you compile. If affected, however, go look for the program that brought you the infection, or your system units will be affected again.

There is one thing I wanted to add in defense of Embarcadero: the fact they are taking seriously a thread to a development environment that's many years old and not on sale any more, is certainly positive. What would have Microsoft done to a Word 2003 virus rather than suggesting users to upgrade? Still, when considering the overall cost of upgrading your Delphi installation you shoudl add the benefit of a mroe controlled environment: certainly using a very old versions of the products exposes you to an extra risk!

 





 

9 Comments

More on the Delphi Virus Alert 

I am sure the virus has been written by Mr. Hodges. 
After endless attempts to convince people to migrate 
from previous Delphi versions, especially Delphi 7 
(there's no reason to try about D8, 2005 or 2006, 
people jumped away from them ASAP), in the dark of 
his office he found no better way to have antivirus 
detecting older Delphi releases as infected and scare 
users to force them to upgrade.
Or maybe it just attacks Delphi 7 and older releases 
because the writer never upgraded too?
Comment by Luigi D. Sandon on August 21, 12:05

More on the Delphi Virus Alert 

Luigi,

  I think you are right on the last point. The virus 
writer never upgraded!
  
Comment by Marco Cantu [http://www.marcocantu.com] on August 21, 12:08

More on the Delphi Virus Alert 

What would have Microsoft done to a Word 2003 virus 
rather than suggesting users to upgrade?

I believe there will be security bulletin notification 
and accompanied hot fix.

Microsoft support policy is clearly stated at 

http://support.microsoft.com/lifecycle/?LN=en-
us&x=13&y=9

http://support.microsoft.com/lifecycle/?p1=2488

Regards,


Comment by Lex Li [http://blogs.msdn.com/lexli] on August 21, 13:37

More on the Delphi Virus Alert 

You know Marco, the virus source code is out there,
and with a few lines of code it could be changed to
infect BDS2006, RAD2007, 2009 and 2010, couldn't it?
Maybe something like that is already spreading, and we
will know only months ahead. So this is not a good
reason to upgrade.

Best regards
Comment by Alexandre Machado [http://alexandrecmachado.blogspot.com] on August 21, 13:40

More on the Delphi Virus Alert 

>> "I am sure the virus has been written by Mr. Hodges."
>>  "scare users to force them to upgrade"

This is totally pointless :) Don’t forget that Delphi’s 
“users” are no ordinary users, but programmers. Now tell 
me, how many programmers will be scared of such a 
threat? This virus, I think, is just a joke :)
Comment by ua.Skywalker [http://www.subtlesoft.com] on August 21, 18:02

More on the Delphi Virus Alert 

It affects only D7 apparently, but what will happen if
the virus "mutate" and affect newer versions? the
mechanism of the virus could be the same.
Comment by on August 21, 18:08

More on the Delphi Virus Alert 

Luigi,

"I am sure the virus has been written by Mr. Hodges."

I certainly hope you're being facetious, because that
is a very serious accusation. 
Comment by Allen Bauer [http://blogs.embarcadero.com/abauer] on August 21, 20:25

More on the Delphi Virus Alert 

I guess Marco understood I was kidding even if no 
emoticons or the like were present, otherwise I 
believe he wouldn't have published my comment, nor 
replied to it that way.
I thought it was an obvious joke about the fact that 
the virus infects only those older releases and the 
emphasis about upgrading.
If it was not and someone felt offended, I apologize 
for it.
Comment by Luigi D. Sandon on August 22, 02:08

More on the Delphi Virus Alert 

Today i've installed Delphi 7 on a pc with no virus
(windows 7 beta 2)
I've problems with virus alert on the laptop, so i
tried to put it on a different pc and os from scratch
well after finishing, i started delphi, put simply a
button on a form and, when trying to compile, i got
the virus alert. 
On the laptop the problems started 3 days ago....
I think there may be problems with AV engines (i use
avast prof. on the laptop, avg 8 full on the pc with
windows 7)
Comment by andrea on September 11, 18:16


Post Your Comment

Click here for posting your feedback to this blog.

There are currently 0 pending (unapproved) messages.