VIRUS INSIDE DELPHI SOURCE CODE/EXE : IS IT REALLY TRUE ?

Hi everybody;

Sophos has submitted an alert concerning virus/worm that could be introduced inside a Delphi program, regarding source code or bpl compiled units.

Is it true, false. What is the position of Avast, and if it is true, does Avast provide an update for this problem ?

Thank You

Jean-Michel

Quite an old news :wink:

http://blog.avast.com/2009/08/19/win32induc-new-concept-of-file-infector/

Hi jmgway,

As you have found out by now this has been out for a couple of months (3-4 months)/ After being known as a possible file infector vector in Borland-Delphi developer inner circles - the POC was leaked/released by someone and so appeared “in the wild” where it was picked up by MS and soon other av vendors flagged it, because it is a working exploit (not with a payload yet) and has quite a nasty potential, so it should be stopped in its tracks.
So you could go back to versions that have not been infected with this file infector (a good 30% is infected), but the makers of Borland Delphi have to come up with a patch, already some software has updated to clean versions and for others you have to regress to before this incident, so avast is not to blame it just flags the infection vector, right?

polonus