ad info
   personal technology

 custom news
 Headline News brief
 daily almanac
 CNN networks
 CNN programs
 on-air transcripts
 news quiz

CNN Websites
 video on demand
 video archive
 audio on demand
 news email services
 free email accounts
 desktop headlines

 message boards




Symantec spots first Java virus

August 19, 1998
Web posted at: 11:15 AM EDT

by Ellen Messmer


(IDG) -- Symantec, a maker of antivirus software, said it has spotted the first Java virus. However, the company said Java users should not be alarmed because the virus, which was recently posted on a hacker Web site, isn't deliberately destructive and the security features in Java browsers make it unlikely the virus could infect a user's files.

  Network World Fusion home page
 Free registration required to access Network World
  Free Network World Fusion newsletters
  Get Media Grok and The Industry Standard Intelligencer delivered for free
 Reviews & in-depth info at's personal news page
  Questions about computers? Let's editors help you
  Search in 12 languages

The Java virus, said to weigh in at about 3,890 bytes, can replicate itself across any machine running the Java Virtual Machine, said Cary Nachenberg, chief researcher at Symantec's antivirus research center. It tries to search for Java class files, and when it finds them, it inserts itself into them.

"It does nothing intentionally malicious," said Nachenberg about the Java virus. The virus is the first of its kind in a cyberspace now populated with tens of thousands of different virus programs, many of them designed to be transported via Microsoft's mail program. "This one is parasitic, replicating in native Java class files."

However, he acknowledged the Java virus might be inadvertently capable of doing damage to Java class files because it can change the way the file handles error-checking and exception handling once it has been infected. Although Java browsers, which use a "sandbox" security method, should keep the virus from infecting the user's drive, there is concern that Java virus writers may come up with more effective delivery methods to outwit the Java browser's security.

"This is clearly a fundamental new class of virus," he said. "It seems to be a kind of proof of concept, and we can expect to see more viruses of this type."

Symantec said it will have an antivirus update for the Java virus on its Web site Thursday at for Norton AntiVirus software users who may be concerned. "At this point, though, this is not a major threat to users," Nachenberg emphasized.

Related stories:
Latest Headlines

Today on CNN

Related stories:

Note: Pages will open in a new browser window Related sites:

External sites are not
endorsed by CNN Interactive.

Enter keyword(s)   go    help


Back to the top
© 2000 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.