Risk: Informational
The proof-of-concept threat is not spreading in the wild, and it only affects 64-bit Windows systems.
Symantec Security Response has revealed that it has analysed the first 64-bit Windows attack code.
The attack is a proof of concept with no payload. Named W64.Rugrat.3344 by Symantec, it's very old-fashioned in technique. When executed it infects all 64-bit executable files, excluding .DLL files, in the directory from which it was executed, and all subdirectories, and then exits.
Rugrat will not execute on conventional 32-bit Windows systems nor will it infect 32-bit Windows executables. The worm is written in Intel Corp. 64-bit assembly language.
Currently, there isn't a broad penetration of 64-bit systems. Most home and business systems deployed today are running on 32-bit platforms and are not affected by this threat. At this time, anti-virus companies are not expecting widespread copycats, since assembly code requires advanced technical knowledge.