Arnaud Nicolet wrote:
Le 29 déc. 08 à 19:15 (soir), Bart Silverstrim a écrit:
Arnaud Nicolet wrote:
Le 29 déc. 08 à 17:08 (soir), Markus Winter a écrit:
Hi all,
as I exchange quite a few files with PC users I thought I give
ClamXav a try
on ma Mac. Unsurprisingly it flagged a few PC files that were send
to me as
infected, however it also flagged two files in the REALbasic framework:
/Applications/REALbasic 2007 Release 3/REALbasic 2007 Release
3.app/Contents/Resources/Frameworks/X86RunHoudini.exe:
Trojan.Dropper-12634
FOUND
/Applications/REALbasic 2008 Release 1/REALbasic 2008 Release
1.app/Contents/Resources/Frameworks/X86HoudiniConsole.exe:
Trojan.Agent-40367 FOUND
Are these false positives or real? I use Parallels Desktop from time
to time
but I find it hard to believe that that could lead to an infection
of my Mac
files ...
Well, if you share your Mac hard disk with the host OS, why would you
expect an eventual virus to not infect it?
I'd warn you against sharing anything but a small folder with Parallels.
I admit I don't know what are these X86RunHoudini files (a name that
does not seem reliable to me, by the way).
Because if you run Windows on a Mac, the Mac filesystem isn't the same
one used by Windows, so malware should only be able to infect files
that can be seen by the guest software?
Well, a virus running in Parallels can access local volumes (like the
boot drive) and shared volumes (which you can share as other drives
("Z:" for instance)). They are read-write (well, you can specify
read-only), and, therefore, have a format where Win32 can write (I guess
it's FAT32, but I didn't checked).
A virus won't spread on a Mac, of course, but deleting files on the Mac
from a guest is still possible.
Yes, if it's configured to do so. Depends entirely how it's set up.
I was pointing out one reason why it wouldn't happen. With most VM
systems you have it sandboxed to a degree...there's no reason to expose
the Applications folder to a Windows VM on the Mac. Those files are
useless to the virtual machine guest.
If he shared and/or exposed the entire filesystem to the Windows guest,
then in my opinion it's asking for problems. But the malware still would
be scratching its' head at most of the filesystem peculiarities it would
encounter with a shared drive, it would be limited to infecting just
what it knows how to infect via (probably) cifs, the file sharing
protocol. The raw filesystem would not work with the guest.
_______________________________________________
Unsubscribe or switch delivery mode:
<http://www.realsoftware.com/support/listmanager/>
Search the archives:
<http://support.realsoftware.com/listarchives/lists.html>
|