JavaScript and malicious code?

AIUI, it was not all that long ago when the threat to personal users,
was attachments that when executed compromised machines with keyloggers,
trojans, etc.

Now it seems that the big problem is reading a webpage or an HTML e-mail
and getting affected through the scripting. My understanding is that
the script downloads the malicious program from the web and sets it to
run on start up through the start-up folder or in the registry.

I don't know much about this; can someone suggest a good web site to
start learning a bit more about these threats. I have googled, but I am
not quire sure of the best search terms, and since there is so much
information out there, a site that experienced people endorse would be a
lot of help.

In particular, it seems as if JavaScript dowloading a trojran without
the user clicking an attachment is a big problem.

Thanks.

 

Malicious Web Scripts FAQ
http://www.cert.org/tech_tips/malicious_code_FAQ.html

Web Browser Vulnerabilities: Is Safe Surfing Possible?
http://www.windowsecurity.com/articles/Web-Browser-Vulnerabilities.html

Safe Surfing
http://www.pcpitstop.com/spycheck/safesurfing.asp

Safe Hex
http://www.claymania.com/safe-hex.html

Safe Computing Guide
http://www.trendmicro.com/pc-cillin/vinfo/safe_computing/
http://www.trendmicro.com/en/security/general/guide/overview.htm

Protect your PC
http://support.microsoft.com/default.aspx?scid=/directory/worldwide/en-gb/protect.asp

Safe Computing Practice
http://users.iafrica.com/c/cq/cquirke/safe2000.htm

Safe Computing Practices (Safe Hex)
http://www.cknow.com/vtutor/vtsafecompute.htm

 

Executing a malware executable by clicking on it has always been a
problem whether it comes in the email or on a floppy or CD or
downloaded.

The scripting or html can potentially 'execute' or 'perform', depending
upon the insecure configuration.

There are many html, scripting, and non-html non-scripting
vulnerabilities. The latest vulnerability of some interest is the WMF
or windows metafile vulnerability related to 'MICE' where the mice
acronym means metafile image code execution vulnerability. This is a
different kind of problem for Win2K and XP than the 9x family.

All threats that have to do with windows insecurities? Some windows not
all? All threats that have to do with html and/or scripting
vulnerabilities as they relate to just the browser html rendering engine
subsystem vulnerabilities? How to configure your browser and your
mailuser agent securely?

There certainly is a lot of information -- I'm not sure where to start.

If you allow 'various' scripts to run and do things which you don't know
about, you are insecure -- where the degree of insecurity is influenced
by the particular script in question.

 

°Mike° wrote:

Excellent collection of links..

Sorry, the web page you're looking for was not found



One of the trendmicro links is broken -- I can find a similar .au one
searching on safe_computing at the site.

http://www.trendmicro.com.au/consumer/security_info/save_computing_guide.php

But I don't know if that is like the one which used to be in the
pc-cillin vinfo section.

 

In message <43dab3ed$0$72593$>,
Mike Easter took 24 lines to impart the following:

I honestly don't remember the exact PC-Cillin page, but it appears to
be the same one, because:
www.trendmicro.com.au/vinfo/safe_computing/

redirects to the link you gave above. I will be updating my list with
the UK link (same info).

Safe Computing Practices
http://uk.trendmicro-europe.com/smb/security_info/save_computing_guide.php


This PDF document is also worth reading:

A Guide to Security
http://uk.trendmicro-europe.com/smb/downloads/SecurityGuide_download.pdf

 

http://www.bootdisk.com/bootlist/234.htm#5

Html is for webpages. Text is for email.

 

It's getting that way - byteverify being the most common culprit. It's
designed to exploit the MS Java VM (virtual machine), so use the Sun
version:
http://www.java.com/en/download/help/cache_virus.xml