This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. Send mail to mimeat_private for more info. --------------1B564D423F59 Content-Type: TEXT/PLAIN; CHARSET=us-ascii Content-ID: <Pine.SUN.3.96.981111030126.2832uat_private> HTML Virus Harmless -- So Far By Andy Patrizio, TechWeb Nov 10, 1998 (2:12 PM) URL: http://www.techweb.com/wire/story/TWB19981110S0018 The latest -- and potentially most dangerous -- threat to Internet users is a Web-based virus that enters computers just by visiting a Web page. HTML.Internal -- as it has been dubbed by Central Command, the antivirus distributor that found it -- is said to do no harm. But, the company said, it could lead to serious problems. "Unfortunately, this technology can be exploited, and once it gets on your computer, it can modify anything at that point," said Keith Peer, president of Central Command, the U.S. distributor of AntiViral Toolkit Pro. "It can change settings on your PC, read/write files, or drop scripts onto your computer." Peer said source code for HTML.Internal has already been posted on the Internet and undoubtedly will be used for some malicious purpose in the future. HTML.Internal works with only Microsoft Internet Explorer and Internet Information Server on the back end. In an all-Netscape environment, users are safe from the ill effects of the virus, said Peer. When users first visit a site with HTML.Internal sitting on the server, it calls VBScript -- the Visual Basic scripting language -- to search their local hard drives for all files with .HTM and .HTML extensions. When users load one of the infected HTML pages, the status bar at the top of the screen will read "HTML.Prepend /1nternal." This can be avoided by keeping IE's security at Medium at the very least because it will warn users that HTML.Internal is searching through their hard drive and trying to modify files. Because of this, Peer doesn't consider HTML.Internal a virus but an "exploit," which means it takes advantage of how IE works. It also takes advantage of users who let their security down. Despite all the viruses on the loose, users shouldn't become hypochondriacs, said a member of the Computer Emergency Response Team (CERT), which handles virus and security-related issues. Back Orifice, the Windows intrusion tool that garnered so much attention earlier this year, has thus far shown its bark is worse than its bite. "In all of the reports we've gotten, Back Orifice only accounted for 2 percent of incidents," said Shawn Hernan, a member of the CERT technical staff and leader of the vulnerability-handling group. "So, perception for Back Orifice might be a lot larger than reality," he said. End users should use the security in their browsers because it was put there for a reason, Hernan said. "The Internet was founded on a culture of trust and openness, and that's sort of carried on into its maturity," he said. "But there are bad people on the Internet who want to do bad things, just like there are in real life." --------------1B564D423F59-- -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:10:50 PDT