Security Information

Security Information  Week 1, 1999

Computer magazines and other papers have recently published articles about a "new" kind of virus, the so-called HTML viruses. We have been asked how the Norman Virus Control product deals with HTML viruses.

First, HTML in itself cannot contain viruses, as HTML is used solely "To publish information for global distribution" (W3C's HTML 4.0 specification). The HTML language has no ability to write to disks.

However, HTML's <SCRIPT> tag enables script statements and/or script files to be included in an HTML file. This is how HTML pages may become a kind of "host" for malicious scripts, including viruses.

Lately there have been reports about some simple viruses which use HTML pages with Microsoft's VBScript to spread and Windows Scripting Host (WSH) to execute the VBScript files. Computers running Windows 98 and the beta version of NT 5.0 are vulnerable as WSH is installed with the operating systems. Windows 95 and NT 4.0 may be updated to include WSH.
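As an added illustration (not part of the original bulletin and not Norman's code), the Python sketch below inventories the <SCRIPT> elements in an HTML page and reports those that declare VBScript or pull in a VBScript file, so that such pages can be found and reviewed. The function names, file extensions checked and sample pages are assumptions constructed for the example.

```python
from html.parser import HTMLParser

# Assumed extensions for VBScript source and encoded VBScript files.
VBS_EXTENSIONS = (".vbs", ".vbe")


class ScriptInventory(HTMLParser):
    """Record the declared language and SRC file of each <SCRIPT> element."""

    def __init__(self):
        super().__init__()
        self.scripts = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lower-cases tag and attribute names; values keep their case.
        if tag == "script":
            a = {k: (v or "") for k, v in attrs}
            declared = (a.get("language") or a.get("type") or "").lower()
            self.scripts.append({"language": declared, "src": a.get("src", "")})


def vbscript_findings(html):
    """Return (kind, detail) for every <SCRIPT> element that is VBScript."""
    parser = ScriptInventory()
    parser.feed(html)
    parser.close()
    findings = []
    for s in parser.scripts:
        # LANGUAGE="VBScript", LANGUAGE="VBS" or TYPE="text/vbscript"
        by_language = "vbs" in s["language"]
        # SRC pointing at a VBScript file, ignoring any query string
        by_file = s["src"].lower().split("?")[0].endswith(VBS_EXTENSIONS)
        if by_language or by_file:
            kind = "external" if s["src"] else "inline"
            findings.append((kind, s["src"] or s["language"]))
    return findings


# Constructed sample pages (not taken from any real site or virus).
SAMPLES = {
    "plain.html": "<HTML><BODY><P>No scripts here.</P></BODY></HTML>",
    "js.html": '<HTML><SCRIPT LANGUAGE="JavaScript">document.title = "x";</SCRIPT></HTML>',
    "inline.html": '<HTML><SCRIPT LANGUAGE="VBScript">MsgBox "hello"</SCRIPT></HTML>',
    "file.html": '<HTML><SCRIPT SRC="menu.VBS"></SCRIPT></HTML>',
}

if __name__ == "__main__":
    for name, html in SAMPLES.items():
        print(name, vbscript_findings(html))
```

A finding only means the page carries VBScript, not that the script is malicious; the check looks at <SCRIPT> elements alone.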

Only users of Internet Explorer are vulnerable to VBScript viruses from a malicious web site. A user is not vulnerable if he/she does not change the default security settings in the browser, and does not agree to run the file when asked. To be sure that you are not vulnerable, check that the settings in Internet Explorer are set to confirm before running potentially dangerous content.

Users of Netscape Navigator and Communicator are not vulnerable to this threat as these browsers do not run VBScript.

So far similar threats have not been reported for the JavaScript language. As security for JavaScript is tighter, such threats are unlikely to occur.

So far this type of virus has not been reported "In the Wild". The viruses themselves have less potential for propagating than most other viruses, as users do not normally exchange HTML or VBScript files. The viruses' potential for propagating is mainly from malicious web servers.

Thus this new threat is currently not regarded as particularly dangerous by Norman. The developers of the NVC program family are, however, constantly monitoring it.

Per Olav Førland