Vulnerability Development mailing list archives

RE: Unscrupulous websites installing apps


From: "Dom De Vitto" <Dom () DeVitto com>
Date: Fri, 14 Sep 2001 20:02:43 +0100

Finjan's site also has a number of tests, including one page
which just creates a directory on your desktop and copies some
files into it.

Which, I must say as an independent consultant, are frikkin good,
especially the desktop version - which checks HTTPS too.

It's great for explaining to management why you need Finjan products....
....but only really applicable to high security environments.
(banks, FIs etc)

Dom
-----Original Message-----
From: Nexus [mailto:nexus () patrol i-way co uk]
Sent: 14 September 2001 15:27
To: Jeff Miller; vuln-dev () securityfocus com
Subject: Re: Unscrupulous websites installing apps


Here's a few things that I use to prevent such things from starting:

Utility to disable WSH
http://www.symantec.com/avcenter/venc/data/win.script.hosting.html

Finjan's freeware anti exe/vbs/java/activex/etc jobbie
http://www.finjan.com/surfinguard/

And a stack of Pop-Up killers (not security per se, but stops the annoying
little barstewards)
http://www.freewareandstuff.com/popup.html

#include the_same_old_disable_java_in_your_browser_comment.h

Cheers,
            JJ


----- Original Message -----
From: "Jeff Miller" <jrm.wa () verizon net>
To: <vuln-dev () securityfocus com>
Sent: Thursday, September 13, 2001 7:50 PM
Subject: Unscrupulous websites installing apps


I have a user who *somehow* got caught in one of those websites with
cascading window traps that opened up a bunch of new browser windows for
him.  One of those windows was a prompt to install a program with the
choices YES and NO.  He clicked the x in the corner instead, only to find
that somehow a program had been installed into his program files dir
complete with a shortcut in the start menu.

I haven't seen this, but I'm wondering if it's possible for someone to
defeat IE's security that easily and actually install an application.
Does anyone know how this is done?

Sorry I don't have any examples.




