By Andy Patrizio,
The latest -- and potentially most dangerous -- threat to Internet users is a Web-based virus that enters computers just by visiting a Web page.
HTML.Internal -- as it has been dubbed by Central Command, the antivirus distributor that found it -- is said to do no harm. But, the company said, it could lead to serious problems.
"Unfortunately, this technology can be exploited, and once it gets on your computer, it can modify anything at that point," said Keith Peer, president of Central Command, the U.S. distributor of AntiViral Toolkit Pro. "It can change settings on your PC, read/write files, or drop scripts onto your computer."
Peer said source code for HTML.Internal has already been posted on the Internet and undoubtedly will be used for some malicious purpose in the future.
HTML.Internal works with only Microsoft Internet Explorer and Internet Information Server on the back end. In an all-Netscape environment, users are safe from the ill effects of the virus, said Peer.
When users first visit a site with HTML.Internal sitting on the server, it calls VBScript -- the Visual Basic scripting language -- to search their local hard drives for all files with .HTM and .HTML extensions.
When users load one of the infected HTML pages, the status bar at the top of the screen will read "HTML.Prepend /1nternal."
This can be avoided by keeping IE's security at Medium at the very least because it will warn users that HTML.Internal is searching through their hard drive and trying to modify files.
Because of this, Peer doesn't consider HTML.Internal a virus but an "exploit," which means it takes advantage of how IE works. It also takes advantage of users who let their security down.
Despite all the viruses on the loose, users shouldn't become hypochondriacs, said a member of the Computer Emergency Response Team (CERT), which handles virus and security-related issues. Back Orifice, the Windows intrusion tool that garnered so much attention earlier this year, has thus far shown its bark is worse than its bite.
"In all of the reports we've gotten, Back Orifice only accounted for 2 percent of incidents," said Shawn Hernan, a member of the CERT technical staff and leader of the vulnerability-handling group. "So, perception for Back Orifice might be a lot larger than reality," he said.
End users should use the security in their browsers because it was put there for a reason, Hernan said.
"The Internet was founded on a culture of trust and openness, and that's sort of carried on into its maturity," he said. "But there are bad people on the Internet who want to do bad things, just like there are in real life."
Try TechWeb's RSS Feed!Lowe's seeking Systems Engineer III in Mooresville, NC
Univ of Michigan seeking University Ethical Hacker in Ann Arbor, MI
MAP Digital seeking Project Manager: Live Digital Events in New York, NY
cPanel Inc. seeking Internal Systems Developer in Houston, TX
Cirrus Design seeking Web Architect in Duluth, MN
For more great jobs, career-related news, features and services, please visit our Career Center.
TechWeb's FREE e-mail newsletters deliver the news you need to come out on top.
Get definitions for more than 20,000 IT terms.
Editorial and vendor perspectives
