How many IT managers have argued in favor of Linux-powered servers and even PCs, simply because they believed the OS was safe from malware threats? I don't have any hard data, but I'm guessing the number is "lots and lots."

Turns out they were wrong.

Proving that malware can strike any operating system (remember, Windows is simply the biggest target), ZDNet's Ed Bott just reported on a trojan infiltration of an open-source Linux product.

Specifically, an Unreal IRC server download was replaced with a version containing a backdoor that "allows a person to execute ANY command with the privileges of the user running the ircd." Even more shocking, the switch happened back in November, 2009, meaning users have been running the compromised version for upwards of eight months.

Here's Bott's take on what happened, followed by my own:

Because even server administrators believe that open source and Linux software are impregnable by design, the official download of a widely distributed server product has been infected with a backdoor that gives bad guys complete ownership of the system. Oops.

Even more entertaining (if you can call it that), the Windows versions of Unreal IRC weren't affected. And if they had been, Bott notes, "a similarly infected Windows file in the wild would be detected within days if not hours after a routine virus scan by someone checking the download before installing it."

I'm not saying Linux zealots have to eat crow over this, merely that it's time to face the fact that no operating system is bulletproof. Ditching Windows for Linux merely because "Linux is more secure" just doesn't hold water anymore.

Agree? Disagree? Share your thoughts in the comments.