Security watchers have uncovered proof-of-concept (POC) malware that's capable (at least theoretically) of infecting either Windows or Linux PCs. Linux-Bi-A/Win-Bi-A is written in assembler so it is capable of infecting either Linux ELF binaries or Windows exe files.

The virus only infects files in a user's current directory and isn't spreading. The code for Bi-A is simple and its only action is to inject text strings into infected files. Bi-A poses no immediate risk to users in its present form. However, as Kaspersky Labs' virus list notes, it's possible that VXers will take the code and use it as a basis for more malicious malware. But then again, that could be said of previous cross platform viruses and thus far a heavy hitter has failed to materialise.

The SANS Institute concludes that the appearance of the PoC serves as a timely reminder that users ought not to run their machine as "root" or administrator. Running a computer via a separate user account limits the impact of hacker attacks, but it's a lesson ordinary Windows users, in particular, have been slow to take on board. Protecting computers - be they running Windows, Linux or OS/X - with anti-virus software is also a good idea. ®

Related stories

• Linux malware for iPods poses little risk (5 April 2007)
• Worm targets Windows PowerShell script (1 August 2006)
• Malware targets security research tool (6 July 2006)
• First StarOffice malware sighted (1 June 2006)
• Anti-virus groups fight over Crossover sharing (6 March 2006)
• PC-hopping mobile malware sighted (22 September 2005)
• First PocketPC virus found (19 July 2004)
• Virus attacks mobiles via Bluetooth (15 June 2004)