Anti-virus experts have intercepted the first computer virus targeting 64-bit Windows workstations.
According to an advisory issued by Symantec, W64.Shruggle.1318 is a fairly simple “proof-of-concept” virus programmed to attack 64-bit Windows executables on AMD64 systems.
Written in AMD64 assembly code and based on the W32.Shrug virus, the W64.Shruggle.1318 is a direct-action file infector, similar to W64.Rugrat.3344 that infects AMD64 Windows Portable Executable (PE) files, Symantec said.
W64.Shruggle.1318 searches 64-bit executable files in the same folder, and all subfolders, that the virus was executed. When it finds a 64-bit executable file, the virus appends itself to the file, unless it is a .dll file (.dll files are not affect).
“It remains critical for IT administrators and PC users to deploy an advanced integrated security solution to protect against the latest threats,” said Symantec senior director Alfred Huger.
The virus does not infect 32-bit Portable Executable files and won’t run natively on 32-bit Windows platforms. However, it can be run on a 32-bit computer that is using 64-bit simulation software, Symantec said.