This is another question I see get asked a lot around the place, so I'm posting my latest answer to this question here.
Can someone tell me, if I download a zipped file which contains a virus and open this file then would my system would most likely become infected?
An example would be a zipped file containing an image file containing a virus; if I unzip the file and view the image without extracting it would it infect my system or do I need to extract the image to a folder and then view it.
The answer isn't clear-cut I'm afraid, but we'll start with the bit that IS
clear.
Viruses are malicious computer code. Computer code has to be
'executed', that is, loaded into memory and run as if it were a program,
before it can do anything. Therefore malicious code such as a virus has to
be *executed* in order to harm you. There is nothing magical about a
computer virus that means that simply downloading one on your computer or
viewing a non-executable file (such as a graphical image file like you talk
about here) that can cause a virus to be executed.
Simply downloading
a zipped-up file does not execute the contents of the zipped up file to be
'executed', therefore the malicious code will not run. Likewise, opening the
zip file with winzip or winrar and dragging the infected file onto your
desktop will not cause the virus code to be executed.
Viruses can not
magically infect your system because they were contained in a zipped up file
that you downloaded. Nor will they infect you just because you opened the
zip file and extracted the infected file. Only if you do something that
causes the file to be 'executed' then it can become harmful.
Of course, the question that inspired this post asked about image files (look, I'm going to refer to it as a JPEG from now on
because that's less typing and it also ties nicely into where I want to take
this discussion) and as these are not executable files then even loading
this jpeg into paint or photoshop or whatever you use will not cause the
code inside it to be 'executed' even though the file is loaded into
memory.
That was the simple part. Now we venture into the real world and things start to get tricky.
So far we've been talking about things in the
assumption that your operating system and the programs on it behave
perfectly in every way. In other words, I'm assuming that the operating
system and your applications don't have an accident or get tricked into
executing the contents of the JPEG file as if it were code even though it
shouldn't.
That's where the whole house of cards wobbles a bit, all
computers have bugs, faults in the computer code where things don't happen
as planned (I'm sure you already know that!). Some of these bugs can be
exploited in order to allow something that should never be executed as code
to be executed.
For example, there could be a bug in the program that
handles zip archives that can be exploited to allow a file being unzipped to
get executed automatically.
There could be a bug in the way the
operating system and even some applications hanldes graphics files that can
be exploited to 'trick' the system into executing the contents of the JPEG
file as if they were code, hence allowing your virus to run on the target
system.
These are not hypothetical situations here. I've contrived this
part of the discussion to lead on to some fairly nasty examples such as this
one, and
just to prove this isn't a problem exclusive to Microsoft, I want to link to
an equally stupid bit of work on the part of Apple which I have covered previously on this website.
After 6 months battling with Vista, I have finally come to the conclusion that Vista is, as they say, "teh suck". I came to this conclusion after Windows Installer died a horrible horrible death and I was unable to add or remove any programs from my system. [YOU ARE UNINSTALLING VISTA. CANCEL OR ALLOW]
Now it would be wrong to say that Microsoft didn't try to help. They provide a tool to 'clean up' Windows Installer in the event of you having problems with it. Sadly, this tool requires Windows Installer to be working in order to be installed so that it can fix your broken Windows Installer system. I have no idea if this is an attempt at existentialist irony or if the whole team behind this product simply consists of <BLANK> idiots. [YOU ARE CRITICISING MICROSOFT. CANCEL OR ALLOW]
I was forced to give up Vista due to faults but it wasn't until I put
XP back on this machine that I realised how badly Vista was dragging it
down. It makes a nice change to have my desktop computer back to it's old habits of doing what I want it to do when I want it to do it once again. With Windows Vista I always felt like I had to shadow-box it and trick it into doing things for me at times, with things like being able to turn on or off hidden files in explorer or quickly view the properties of my network connection being 2 or 3 clicks away at the most in XP and god only knows where in Vista.[YOU ARE POINTING OUT FLAWS IN VISTA. CANCEL OR ALLOW]
All this time my Mac laptop has sat quietly by just getting on with the things I need to rely on having done. "You are coming to a sad realisation. Cancel or allow?"
In any case, one shiny new Windows XP with SP2 install later and I'm happy. Well happy enough... with well over 100 hotfixes and patches downloaded onto my computer from Microsoft Update, isn't it about time we saw a Service Pack Three for Windows XP? How about it Microsoft... Cancel or Allow?
Format: mov
Duration: --:--