New Virus Exploits Vulnerabilities in 64-bit Windows

The worm, dubbed W64.Shruggle by Symantec, is written in AMD64 Assembly code and is not widespread, though its existence shows that virus writers are already looking for ways to exploit the next generation of operating systems.

The virus does not affect 32-bit operating systems such as Windows 2000 or Windows XP unless the operating system is emulating a 64-bit environment. When W64.Shruggle.1318 is executed, it searches 64-bit executable files that are in same folder, and all subfolders, as the one from which the virus was executed. When it finds a 64-bit executable file, the virus appends itself to the file, including .dll files.

W64.Shruggle will be the first virus to test AMD's new processor, which the company claims helps stop viruses from infecting a system.

W64.Shruggle does not affect DOS, Linux, Macintosh, OS/2, UNIX, Windows 2000, Windows 3.x, Windows 64-bit (IA64), Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003 and 32-bit Windows XP.