dplatt@coherent.com (Dave Platt) (03/16/88)
According to an article in this morning's San Jose Mercury News, the "DREW"
INIT-virus has been found to have infected a commercial software product.
The virus, which was a "benign" time-bomb designed to display a message of
world peace on March 2nd, is present on disks containing Aldus FreeHand.
The virus was inadvertently passed to Aldus by Marc Canter, president of
MacroMind Inc., which makes training disks for Aldus. Canter visited
Canada some time ago, and was given a disk containing a program called
"Mr. Potato Head", which lets users play with a computerized version of the
toy character. Canter ran the program only once, and his machine was
apparently infected by the virus at this time. Subsequently, the virus
infected a disk of training software that Canter then delivered to Aldus;
at Aldus, the virus infected disks that were then sold to customers.
Although this virus was believed to be harmless, Canter reports that it forced
his Macintosh II computer to shut down and caused him to lose some computer
information. "My system crashed," Canter said, "I was really angry."
(( Not all that surprising... quite a few popular but nonstandard
programming tricks used on the classic Mac don't work on the Mac II
due to its different video card/monitor architecture... many
games, etc. don't run on the II for this reason and can cause some
very impressive system crashes... dcp ))
Canter fears that more of his customers may have been infected by the virus.
MacroMind's clients include Microsoft Corp., Lotus Development Corp., Apple
Computer Inc. and Ashton-Tate.
Microsoft has determined that none of its software has been infected, a
company spokeswoman said. Apple and Lotus could not be reached for comment.
Ashton-Tate declined to comment.
Aldus would not comment on how many copies of FreeHand are infected, but
admits that a disk-duplicating machine copied the infected disk for three
days. Half of the infected disks have been distributed to retail outlets;
the other half are in Aldus' warehouse.
Aldus will replace the infected disks with new, uninfected copies to any
FreeHand buyer who requests it, according to Aldus spokeswoman Laury Bryant.
The company will also replace the infected disks in its warehouse.
(( As I recall, the DREW virus infects the System file on affected
disks, but doesn't affect applications directly. I suppose that
Aldus could salvage the damaged disks by replacing the System
folders with copies from a locked, uninfected disk... but it'll
probably be faster for them to simply erase and reduplicate.
I have no idea what Canadian liability laws are like these days...
but I rather suspect that if MacMag were a United States company
rather than a Canadian one, its publisher would now be extremely
vulnerable to a liability-and-damages suit of some sort. This
escapade will probably cost Aldus a pretty piece of change in
damage-control expenses and perhaps loss-of-sales or injury-to-
reputation.
Kids, don't try this sort of thing at home!
--- dcp ))
--
Dave Platt
UUCP: ...!{ames,sun,uunet}!coherent!dplatt DOMAIN: dplatt@coherent.com
INTERNET: coherent!dplatt@ames.arpa, ...@sun.com, ...@uunet.uu.net