Velocity Reviews - Computer Hardware Reviews

JavaScript and malicious code?

 
 
Lew
Guest
Posts: n/a
 
      01-27-2006
AIUI, it was not all that long ago when the threat to personal users,
was attachments that when executed compromised machines with keyloggers,
trojans, etc.

Now it seems that the big problem is reading a webpage or an HTML e-mail
and getting affected through the scripting. My understanding is that
the script downloads the malicious program from the web and sets it to
run on start up through the start-up folder or in the registry.

I don't know much about this; can someone suggest a good web site to
start learning a bit more about these threats. I have googled, but I am
not quite sure of the best search terms, and since there is so much
information out there, a site that experienced people endorse would be a
lot of help.

In particular, it seems as if JavaScript downloading a trojan without
the user clicking an attachment is a big problem.

Thanks.
 
 
 
 
 
°Mike°
Guest
Posts: n/a
 
      01-27-2006
In message <l9xCf.14501$(E-Mail Removed)>,
Lew took 19 lines to impart the following:

>AIUI, it was not all that long ago when the threat to personal users,
>was attachments that when executed compromised machines with keyloggers,
>trojans, etc.
>
>Now it seems that the big problem is reading a webpage or an HTML e-mail
>and getting affected through the scripting. My understanding is that
>the script downloads the malicious program from the web and sets it to
>run on start up through the start-up folder or in the registry.
>
>I don't know much about this; can someone suggest a good web site to
>start learning a bit more about these threats. I have googled, but I am
>not quite sure of the best search terms, and since there is so much
>information out there, a site that experienced people endorse would be a
>lot of help.
>
>In particular, it seems as if JavaScript downloading a trojan without
>the user clicking an attachment is a big problem.
>
>Thanks.


Malicious Web Scripts FAQ
http://www.cert.org/tech_tips/malicious_code_FAQ.html

Web Browser Vulnerabilities: Is Safe Surfing Possible?
http://www.windowsecurity.com/articl...abilities.html

Safe Surfing
http://www.pcpitstop.com/spycheck/safesurfing.asp

Safe Hex
http://www.claymania.com/safe-hex.html

Safe Computing Guide
http://www.trendmicro.com/pc-cillin/...afe_computing/
http://www.trendmicro.com/en/securit...e/overview.htm

Protect your PC
http://support.microsoft.com/default...gb/protect.asp

Safe Computing Practice
http://users.iafrica.com/c/cq/cquirke/safe2000.htm

Safe Computing Practices (Safe Hex)
http://www.cknow.com/vtutor/vtsafecompute.htm

--
Basic computer maintenance
http://uk.geocities.com/personel44/maintenance.html
 
 
 
 
 
Mike Easter
Guest
Posts: n/a
 
      01-27-2006
Lew wrote:
> AIUI, it was not all that long ago when the threat to personal users,
> was attachments that when executed compromised machines with
> keyloggers, trojans, etc.


Executing a malware executable by clicking on it has always been a
problem whether it comes in the email or on a floppy or CD or
downloaded.

> Now it seems that the big problem is reading a webpage or an HTML
> e-mail and getting affected through the scripting.


The scripting or html can potentially 'execute' or 'perform', depending
upon the insecure configuration.

> My understanding
> is that the script downloads the malicious program from the web and
> sets it to run on start up through the start-up folder or in the
> registry.


There are many html, scripting, and non-html non-scripting
vulnerabilities. The latest vulnerability of some interest is the WMF
or windows metafile vulnerability related to 'MICE' where the mice
acronym means metafile image code execution vulnerability. This is a
different kind of problem for Win2K and XP than the 9x family.

> I don't know much about this; can someone suggest a good web site to
> start learning a bit more about these threats.


All threats that have to do with windows insecurities? Some windows not
all? All threats that have to do with html and/or scripting
vulnerabilities as they relate to just the browser html rendering engine
subsystem vulnerabilities? How to configure your browser and your
mail user agent securely?

> I have googled, but I
> am not quite sure of the best search terms, and since there is so much
> information out there, a site that experienced people endorse would
> be a lot of help.


There certainly is a lot of information -- I'm not sure where to start.

> In particular, it seems as if JavaScript downloading a trojan without
> the user clicking an attachment is a big problem.


If you allow 'various' scripts to run and do things which you don't know
about, you are insecure -- where the degree of insecurity is influenced
by the particular script in question.


--
Mike Easter

 
 
Mike Easter
Guest
Posts: n/a
 
      01-28-2006
°Mike° wrote:

Excellent collection of links..


> Safe Computing Guide
> http://www.trendmicro.com/pc-cillin/...afe_computing/


Sorry, the web page you're looking for was not found



One of the trendmicro links is broken -- I can find a similar .au one
searching on safe_computing at the site.

http://www.trendmicro.com.au/consume...ting_guide.php

But I don't know if that is like the one which used to be in the
pc-cillin vinfo section.


--
Mike Easter

 
 
°Mike°
Guest
Posts: n/a
 
      01-28-2006
In message <43dab3ed$0$72593$(E-Mail Removed) ews.net>,
Mike Easter took 24 lines to impart the following:

<snip>

>One of the trendmicro links is broken -- I can find a similar .au one
>searching on safe_computing at the site.
>
>http://www.trendmicro.com.au/consume...ting_guide.php
>
>But I don't know if that is like the one which used to be in the
>pc-cillin vinfo section.


I honestly don't remember the exact PC-Cillin page, but it appears to
be the same one, because:
www.trendmicro.com.au/vinfo/safe_computing/

redirects to the link you gave above. I will be updating my list with
the UK link (same info).

Safe Computing Practices
http://uk.trendmicro-europe.com/smb/...ting_guide.php


This PDF document is also worth reading:

A Guide to Security
http://uk.trendmicro-europe.com/smb/...e_download.pdf

--
Basic computer maintenance
http://uk.geocities.com/personel44/maintenance.html
 
 
Plato
Guest
Posts: n/a
 
      01-28-2006
Lew wrote:
>
> Now it seems that the big problem is reading a webpage or an HTML e-mail
> and getting affected through the scripting. My understanding is that


http://www.bootdisk.com/bootlist/234.htm#5

Html is for webpages. Text is for email.

--
http://www.bootdisk.com/

 
 
zarathustra
Guest
Posts: n/a
 
      01-29-2006
Lew <(E-Mail Removed)> gibbered:

>AIUI, it was not all that long ago when the threat to personal users,
>was attachments that when executed compromised machines with keyloggers,
>trojans, etc.
>
>Now it seems that the big problem is reading a webpage or an HTML e-mail
>and getting affected through the scripting. My understanding is that
>the script downloads the malicious program from the web and sets it to
>run on start up through the start-up folder or in the registry.
>
>I don't know much about this; can someone suggest a good web site to
>start learning a bit more about these threats. I have googled, but I am
>not quite sure of the best search terms, and since there is so much
>information out there, a site that experienced people endorse would be a
>lot of help.
>
>In particular, it seems as if JavaScript downloading a trojan without
>the user clicking an attachment is a big problem.


It's getting that way - byteverify being the most common culprit. It's
designed to exploit the MS Java VM (virtual machine), so use the Sun
version:
http://www.java.com/en/download/help/cache_virus.xml

>
>Thanks.

 