Level Extreme platform
Subscription
Corporate profile
Products & Services
Support
Legal
Français
Nasty Virus - Watch out
Message
General information
Forum:
Visual FoxPro
Category:
Other
Title:
Re: Nasty Virus - Watch out
Miscellaneous
Thread ID:
00514831
Message ID:
00515099
Views:
13
>Craig,
>
>>Yeah, it could be a scroll. I always called it a tornado, cause if you run it, you're likely to think your harddrive was struck by a tornado cause of the destruction caused by the virus. (Assuming it is one). For me, it doesn't matter what the script language... I don't run it.
>
>Let's not let folks get the impression that the WSH is some sort of "dangerous, evil" thing. Point of fact, it's a tool, no more and no less. The problem is (as I point out in my article in the current VFUG (www.vfug.org) newsletter) really twofold. First, it "flys beneath the radar" of anti-virus software since, unless it's encoded, it's just a text file. Second, is ignorance. People aren't aware of it.
>
>The "stick your head in the sand and hope it goes away" approach, is the most dangerous. I make a number of recommendations in the article about what you can and should do. The best is the approach taken here. People can send in all the script files they want to me, and I'll never see them. They're stomped before they ever reach me.
>
>>Now, if you want to read about something scary, go to grc.com and read about Denial of Service attacks.
>>
>C'mon Craig, it's too early in the day for scary stuff.:-)
>>>
>>>Looks more like a scroll of paper to me.< s > Actually, there are four file extensions to be concerned with: vbs, vbe, js, and jse. The first two are VBScript files (with vbe being encoded). The latter two are JScript files (again the jse is encoded).
>>>
>>>The reason that it (the various WSH viruses) goes after SCT files is that this is the extension that's associated with Windows Script Components as well as VFP forms.

Here is an excerpt from a recent issue of Woody's Office Watch (WOW):
  THE NEW ATTACHED TEMPLATE SECURITY EXPOSURE
  I've just received word from Microsoft that they've
  discovered a new variation on this old security problem: if
  the document attached to that malicious template is in RTF
  format, the security sequences do NOT fire. Word opens RTF
  files without a hiccup. You may know that RTF files can't
  contain macros, and you might therefore ass/u/me that
  opening an RTF file can't run a macro - and you'd be wrong.
  Using this little trick, opening an RTF file can run a
  macro, and you wouldn't even know about it.

  There's more. Since RTF format files frequently appear with
  .doc file name extensions, that means it's possible for you
  to open a .doc file and have it run a malicious macro,
  bypassing all internal security.

  It's a serious security exposure, and if you use Word 97 or
  Word 2000, you should download and apply the patch
  immediately. (Word 2002 isn't involved; its anti-virus
  features fire properly.) Full details, download and
  installation instructions are at
  http://www.microsoft.com/technet/security/bulletin/ms01-028.asp.

  As usual, this security breach hasn't been used to our
  knowledge - there aren't any viruses out and about that
  take advantage of the vulnerability. Yet. Now that
  Microsoft has made it public, some cretin will no doubt try
  to employ the technique to infect your computer.
Nebraska Dept of Revenue
Previous
Reply
Map
View

Click here to load this message in the networking platform