On CBS MoneyWatch: Dumbest Things You Do With Money
BNET Business Network:
BNET
TechRepublic
ZDNet
TalkBack 4 of 36:
Next »
« Previous
I think you're fairly safe...
...if you don't run IE/Outlook/Outlook Express. Many of the email bugs and virtually all of the Web page exploits (much more serious, in my opinion) depend on the HTML/ActiveScript parsing engine from IE (which also functions in Outlook/Outlook Express). Mozilla/Opera/Safari and all the others use their own parsing engines, none of which can parse and execute VBScript code, as far as I know. VBScript is the bad boy to watch out for: you can currently completely hide Windows executables in a VBScript array (so that your AV program and Windows security services can't detect it), then execute the code through parsing HTML/VBScript in IE's parsing engine (through either Microsoft's Web browser or their email clients). If you come across, say, a Web page or email message with malicious code embedded, on Mozilla (for example) when the HTML makes a call to parse and execute some VBScript via the <script> tag...nothing happens. Mozilla's parsing engine doesn't know what to do with the embedded VBScript, so it cheerfully ignores it. Badness Averted.

Also, you can use Windows Media Player to sidestep around Windows security zones, so you have to be careful with downloading streaming media in the .ASF, .WMA, .WMV and a couple of other media formats proprietary to Windows. I've encountered .ASF files that could cause Media Player to launch your default browser and make it surf to a predetermined URL. Ouch. I haven't seen this lately, so perhaps Microsoft fixed this in a security patch over the last few months.

I'm going to experiment in a few days with completely removing the Windows Media Player executable ("wmplayer.exe") and see if my Win2K Pro box will still function. If it does, I can then use WinAmp or another media player for media content.
Posted by: Yen_z   Posted on: 01/28/04 You are currently: a Guest | Members login | Terms of Use
Reply to Story Reply to Message

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

Funny Stuff  JoeMama_z | 01/28/04
So true  Richard Flude | 01/28/04
Does that work?  IT_User | 01/28/04
I think you're fairly safe...  Yen_z | 01/28/04
much safer if...  stephen732@... | 01/29/04
As M$ made IE & its OS inseparable as an anti-competitive imperative...  dicktaurus@... | 01/28/04
But wait. it gets better.  Immanuel Tranz-Mischen | 01/28/04
hahahahahaha  IT-man_z | 01/28/04
opps  JWatson77 | 01/28/04
ever try denying access to the particular executable?  JoeMama_z | 01/28/04
Since I.E. is "part of windows"  Rick_K | 01/28/04
Groundhog Day...  jeutkune | 01/28/04
Yaaaawwwwwnnnn  Bobby Sskcat | 01/28/04
uh yeah  MEMSmaker | 01/29/04
Troll, troll, troll your boat...  Bobby Sskcat | 01/29/04
Here, go check for yourself.  Yen_z | 01/30/04
How many people could be so stupid to use MS products???  DonnieBoy | 01/28/04
please  MEMSmaker | 01/29/04
?Unfixable?  Jack-Booted EULA | 01/28/04
IE can be uninstalled  Spoon Jabber | 01/28/04
but why would you?  MEMSmaker | 01/29/04
BUT..  Bobby Sskcat | 01/29/04
why wouldn't you ...  coffeenite | 01/29/04
Konqueror works nicely...  Spoon Jabber | 01/29/04
Don't bother with those sites  IT_User | 01/29/04
mozilla  Rembrandt Pussyhorse | 01/29/04
Yeah, think it's your settings  IT_User | 01/29/04
Video Problem  Yen_z | 01/30/04
Because it is valueless...  IT_User | 01/29/04
Question from a non-techie  copygod74 | 01/28/04
Unlikely  jfrankcarr | 01/28/04
not unlikely  stephen732@... | 01/29/04
Running in the background isn't surfing  jfrankcarr | 01/29/04
Answer  Mack DaNife | 01/29/04
Almost right  voska | 01/29/04
Just you  FilledOut | 01/30/04

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement
advertisement

SmartPlanet

Click Here