McAfee AVDCDE-BA-CA User Guide - Page 14
Where next?, including Microsoft VBScript and Active Server s - rule
View all McAfee AVDCDE-BA-CA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 14 highlights
Preface Instead, harmful objects exist to deliver their equivalent of a virus payload. Programmers have written objects, for example, that can read data from your hard disk and send it back to the website you visited, that can "hijack" your e-mail account and send out offensive messages in your name, or that can watch data that passes between your computer and other computers. Even more powerful agents have begun to appear in applications that run directly from websites you visit. JavaScript, a scripting language with a name similar to the unrelated Java language, first appeared in Netscape Navigator, with its implementation of version 3.2 of the Hyper Text Markup Language (HTML) standard. Since its introduction, JavaScript has grown tremendously in capability and power, as have the host of other scripting technologies that have followed it-including Microsoft VBScript and Active Server Pages, Allaire Cold Fusion, and others. These technologies now allow software designers to create fully realized applications that run on web servers, interact with databases and other data sources, and directly manipulate features in the web browser and e-mail client software running on your computer. As with Java and ActiveX objects, significant security measures exist to prevent malicious actions, but virus writers and security hackers have found ways around these. Because the benefits these innovations bring to the web generally outweigh the risks, however, most users find themselves calculating the tradeoffs rather than shunning the technologies. Where next? Malicious software has even intruded into areas once thought completely out of bounds. Users of the mIRC Internet Relay Chat client, for example, have reported encountering viruses constructed from the mIRC scripting language. The chat client sends script viruses as plain text, which would ordinarily preclude them from infecting systems, but older versions of the mIRC client software would interpret the instructions coded into the script and perform unwanted actions on the recipient's computer. The vendors moved quickly to disable this capability in updated versions of the software, but the mIRC incident illustrates the general rule that where a way exists to exploit a software security hole, someone will find it and use it. Late in 1999, another virus writer demonstrated this rule yet again with a proof-of-concept virus called VBS/Bubbleboy that ran directly within the Microsoft Outlook e-mail client by hijacking its built-in VBScript support. This virus crossed the once-sharp line that divided plain-text e-mail messages from the infectable attachments they carried. VBS/Bubbleboy didn't even require you to open the e-mail message-simply viewing it from the Outlook preview window could infect your system. xiv McAfee VirusScan Anti-Virus Software