jln@casbah.acns.nwu.edu (John Norstad) (06/29/91)
Disinfectant 2.5 ================ June 28, 1991 Disinfectant 2.5 is a new release of our free Macintosh anti-viral utility. Version 2.5 detects the new C strain of the ZUC virus, recently discovered in Italy. See the section on the ZUC virus in the 2.5 online manual for details. Version 2.5 also recognizes the MDEF D virus. We do not believe that the D strain of MDEF was ever released to the public. Disinfectant recognizes it anyway, just in case it was inadvertently released. See the section on MDEF in the 2.5 online manual for details. Neither of these two viruses is malicious, and we have no reason to believe that either of them is widespread. It is no longer possible to support the old 64K ROMs or operating system versions prior to 6.0 in Disinfectant. Beginning with version 2.5, Disinfectant requires a Mac 512KE or later model and system 6.0 or later. These restrictions are necessary because Apple's Macintosh Programmer's Workshop, which we use to develop Disinfectant, no longer supports the old ROMs or old systems. Version 2.5 corrects an error which sometimes caused Disinfectant to crash after printing the online manual, especially on HP DeskWriter printers. The online manual contains a new section titled "System 7 Notes." This section discusses important issues regarding viruses, Disinfectant, and System 7. It also describes our plans for Disinfectant 3.0. This new section is reproduced in full below. Disinfectant 2.5 is available now via anonymous FTP from site ftp.acns.nwu.edu [129.105.113.52]. It will also be available soon on sumex-aim.stanford.edu, rascal.ics.utexas.edu, comp.binaries.mac, America Online, CompuServe, GEnie, Delphi, BIX, MacNet, Calvacom, AppleLink, and other popular sources of free and shareware software. Macintosh users who do not have access to electronic sources of free and shareware software may obtain a copy of Disinfectant by sending a self- addressed stamped envelope and an 800K floppy disk to the author at the address given below. People outside the US may send an international postal reply coupon instead of US stamps (available from any post office). Please use sturdy envelopes, preferably cardboard disk mailers. People in Western Europe may obtain a copy of the latest version of Disinfectant by sending a self-addressed disk mailer and an 800K floppy disk to macclub benelux. Stamps are not required. The address is: macclub benelux Disinfectant Update Wirtzfeld Valley 140 B-4761 Bullingen Belgium System 7 Notes ============== Disinfectant 2.5 works properly with Apple's new System 7, provided you remember the following three special rules: 1. Leave the Disinfectant INIT in the System Folder proper. Do not move the INIT to the new Extensions Folder. 2. If you try to repair an infected file, Disinfectant may tell you that the file is busy and recommend that you "try again without MultiFinder." However, you can't turn off MultiFinder in System 7. If this situation occurs, restart your Mac using the 800K "Disk Tools" startup floppy that comes with System 7 (or any other startup disk which contains an old System 6 startup System with MultiFinder turned off). Then run Disinfectant again. 3. There is one small problem with Disinfectant's custom get file dialog with which you can select a folder to be scanned. Don't try to select anything in the Desktop level in this dialog. Disinfectant may crash or scan the wrong object. We are working on a new version 3.0 of Disinfectant which will fix all three of the problems mentioned above. Following are some other features planned for Disinfectant 3.0. Version 3.0 will take full advantage of the new facilities available in System 7, including Balloon help, color icon families, anti-viral and other Apple events, icon dropping in the Finder, and proper placement of the Preferences file and the Disinfectant INIT file in the new Preferences and Extensions folders respectively. Version 3.0 will eliminate the restriction that the INIT must load last. The INIT will be renamed "Disinfectant Extension." Version 3.0 will include a new "Upgrade" command which, in the future, will make it possible for people to download very small upgrade files instead of entire new versions of the program. The version 3.0 online manual will include a very thorough discussion of all the issues regarding viruses and Disinfectant as they relate to System 7. We hope to release version 3.0 later this summer. You should also be aware that System 7 is completely immune to the "Desktop file" viruses (WDEF and CDEF.) These viruses never activate, spread, or cause any damage under System 7. Both hard disks and floppy disks are immune to these viruses under System 7. Since the Disinfectant INIT detects and blocks viruses when they first try to attack your system, and since the Desktop file viruses never attack under System 7, the Disinfectant INIT will not detect them under System 7. The Disinfectant application, however, will still detect and remove the Desktop file viruses. You should also be aware of a problem with System 7's new file sharing feature. If you share a folder and permit write access to it by granting the "make changes" privilege with the new "Sharing" command, it is possible for files in the shared folder to become infected by a virus over the network, even if you have the Disinfectant INIT installed on your Mac. The INIT will, however, prevent the virus from spreading to your non-shared folders. It will also completely block any attempt by the virus to execute it's viral code on your Mac or cause any damage to your Mac. We have always had the problem of viruses spreading over a network to files in writable folders on dedicated AppleShare file servers. With System 7's new file sharing, this has now also become a problem on personal Macs. Virus infection over the network is only one of many serious security problems with writable shared folders. Writable shared folders are inherently insecure, and no kind of anti-viral or other security software can prevent damage to their contents. To minimize these problems, we recommend that you limit write access to your shared folders to only trusted individuals. Never grant write access to guests (any user.) The only way to eliminate the problems completely is to never grant the "make changes" privilege to anyone except yourself. John Norstad Academic Computing and Network Services Northwestern University 2129 Sheridan Road Evanston, IL 60208 USA Internet: j-norstad@nwu.edu Bitnet: jln@nuacc America Online: JNorstad CompuServe: 76666,573 AppleLink: A0173