As you might guess, the New Scientist article on the Microsoft research "friendly worms" paper excited more annoyance than admiration, not only here but elsewhere in the research community. However, when a link to the actual paper turned up (thanks to Jimmy Kuo for pointing it out), it turned out be rather less dramatic. While it does refer to malware from time to time to illustrate distribution models, it’s several levels of abstraction away from the self-distributing patch mechanism that New Scientist seems to think it’s about. (Unfortunately, a million other articles have appeared since that have taken their cue from New Scientist, not from the actual paper.
Of course, we don’t know exactly what, if anything, the researchers in question said directly to New Scientist. If a benevolent Microsoft worm does exist as a gleam in someone’s eye, they’ll have to reconcile it at the implementation stage with the fact that Microsoft is also in the anti-malware business, and the industry hates the idea of unnecessary replicative code with a passion. (Even if there are still people out there who think we write all the viruses ourselves.)
In the meantime, the usual objections still apply.
But if you’re still not sure, read Vesselin’s paper: it doesn’t leave many stones unturned.
Author David Harley, We Live Security