[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IP: WiredNews: Virus Thrives on HTML





From: [email protected]
Subject: IP: WiredNews: Virus Thrives on HTML
Date: Thu, 12 Nov 1998 09:46:31 -0600
To: [email protected]

Source:  Wired News
http://www.wired.com/news/news/technology/story/16206.html

Virus Thrives on HTML
 by Chris Oakes 

 5:53 p.m.11.Nov.98.PST
 An old computer invader has found a new place
 to thrive. 

 A virus-monitoring group this week posted a
 computer virus -- called "html.internal" -- that is
 the first to replicate itself through hypertext
 markup language, or HTML, the code that
 defines the common Web page. 

 "Looks like the virus crowd has finally discovered
 the Internet," said Richard Smith of Phar Lap
 Software. "HTML pages are extremely mobile....
 They're intended to be given out." 

 Other observers point out the demonstration
 virus requires specific Windows scripting
 software to carry out its task. They maintain that
 the virus, therefore, exposes the vulnerability of
 the secondary software, VisualBasic Script, not
 plain vanilla Web pages. 

 "It draws attention to the power that's available
 to the VBScript programmer," said Jimmy Kuo,
 director of antivirus research at Network
 Associates. 

 A computer virus typically spreads through
 shared files, such as word processing
 documents or email attachments. It most often
 consists of a program or piece of code that runs
 invisibly on any computer it manages to infect.
 Like any virus, it replicates itself. That replication
 can be threatening in itself if the virus is large,
 since it will quickly fill a computer's memory and
 cause a crash. 

 Viruses once depended mainly on floppy disks
 for their travels, but networks have introduced an
 easier path. 

 The HTML virus, created by the Virus Information
 Center and released on Tuesday, was built as a
 demo and does not present a large security risk
 in and of itself. It works through Internet Explorer
 4.0 and relies on the scripting feature, VBScript,
 built into the latest Microsoft PC operating
 system, Windows 98. If security warnings are
 ignored, the virus will load via a Web page and
 infect other Web pages on the host computer. 

 Protections already built into Internet Explorer
 4.0 would warn users if they encountered the
 virus, said a Microsoft spokeswoman. 

 Copyright � 1994-98 Wired Digital Inc. All rights reserved.
-----------------------
NOTE: In accordance with Title 17 U.S.C. section 107, this material is
distributed without profit or payment to those who have expressed a prior
interest in receiving this information for non-profit research and
educational purposes only. For more information go to:
http://www.law.cornell.edu/uscode/17/107.shtml
-----------------------


****************************************************
To subscribe or unsubscribe, email:
     [email protected]
with the message:
     (un)subscribe ignition-point email@address

or (un)subscribe ignition-point-digest email@address
****************************************************
www.telepath.com/believer
****************************************************