|
|
Tenacious W32/Sober.c-mm AttacksDATE: 06-JAN-2004 Jargon Buster
Scripts or Scripting are programs written programming languages built into an operating system or application (such as Internet Explorer, Word, Excel, etc). The most common programming language is Visual Basic for Applications (VBA), which is used across the Microsoft product line to allow a programmer to automate specific tasks. Similar languages are used in other applications (Flash, Lotus Notes, etc). While scripting can be useful, it can also be used to create malicious programs that have full access to a victim's system. Cross-site scripting is a technique in which a malicious site can collect data from a user without the victim's knowledge. The technique can use JavaScript, VBScript, or other client side script language, as well as cookies to extract data. Cross-site scripting relies on the user clicking a malicious link, which can be on a web page, forum post, auction listing or instant message. A good detailed treatise on cross-site scripting is available at CGISecurity.com. Cert.org has a good whitepaper on how it is used as well here. SecurityFocus.com posted a good paper called Anatomy of Cross Site Scripting. Microsoft explains how to prevent cross-site scripting in Internet Explorer and Outlook Express here.Macro Virus is a malicious program written in a macro programming language associated with a document file (Word, Excel, Outlook, etc). Macros themselves are not malicious, but can be written to run when a document is opened, and damage or copy itself into other documents. Windows can be configured with the Windows Scripting Host, which similarly vulnerable to malicious scripts or macros. Before the proliferation of worm viruses, macro viruses accounted for the majority of infections. By default, later versions of Microsoft Office have automatic macro execution turned off, which has helped limit further macro virus infection.
|
