Security Incidents mailing list archives
RE: Worms and CScript/WScript
From: "Richard H. Cotterell" <seec () mail retina ar>
Date: Sun, 26 May 2002 11:57:20 -0300
Ref: Nick FitzGerald <nick () virus-l demon co uk>'s message dated 22 May 2002, 17:04 hours. [snipped]
In the corporate arena you often can get away without either of these "advanced" scripting mechanisms, but Windows Update -- which is rather critical to SOHO users having any chance of staying vaguely up-to-date with security patches -- used to and presumably still does depend on WSH (I think VBS specifically). Thus, suggesting disabling it as a blanket recommendation may not be a wise thing... (And, even in the corporate arena, you may better off restricting access to it rather than removing it -- if your admin group uses VB scripts for advanced system admin, certainly let them continue to run it so long as scripts can be run under a suitably privileged security context without introducing other unwanted problems but lock down your ordinary users' access to the EXEs.)
An alternative approach would be to use *script defender* from AnalogX, which allows a Windows user to turn on/off the whole set of scripts that make for vulnerable web site visiting. :-) <http://www.analogx.com> Some other interesting software there too, BTW, all freeeware! -- Richard H. Cotterell <mailto:seec () mail retina ar> Don't take the wrong side of an argument just because your opponent has taken the right side. -Baltasar Gracian, Spanish philosopher and writer ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Re: Strange scan on 1433, (continued)
- Re: Strange scan on 1433 dr john halewood (May 21)
- Re: Strange scan on 1433 Jason Robertson (May 21)
- RE: Strange scan on 1433 David LaPorte (May 21)
- RE: Strange scan on 1433 Deus, Attonbitus (May 21)
- RE: Strange scan on 1433 Blake Frantz (May 21)
- Re: Strange scan on 1433 George Bakos (May 21)
- Worms and CScript/WScript Blake Frantz (May 21)
- Re: Worms and CScript/WScript Ryan Russell (May 21)
- RE: Worms and CScript/WScript Michael Wright (May 21)
- RE: Worms and CScript/WScript Nick FitzGerald (May 22)
- RE: Worms and CScript/WScript Richard H. Cotterell (May 26)
- RE: Worms and CScript/WScript Nick FitzGerald (May 27)
- RE: Worms and CScript/WScript Richard H. Cotterell (May 28)
- Re: Strange scan on 1433 dr john halewood (May 21)
- Re: Strange scan on 1433 Johannes Ullrich (May 21)