THREAT MONITOR
The many forms of executable code
James Michael Stewart
07.23.2002
Rating: -4.46- (out of 5)
Viruses are only a problem when they are executed or the file that they are attached to is executed. The trick a malicious entity must perform to infect your system is to get you or your computer to execute the virus. Only after execution can the virus actually do anything -- just like a car can't take you anywhere until you turn on the ignition.
One of the most common ways for code to be executed on systems is to send it to a victim either as an e-mail attachment or as a downloaded component of a Web site.
You are probably aware that executable code exists in files with the extensions of .exe and .com. You should also be aware that many scripting languages have their own file extensions as well. Visual basic is a common language for malicious code; it uses an extension of .vbs. Executable code can be launched from your Start menu; from the Run command; from the Command Prompt;
To continue reading for free, register below or login
To read more you must become a member of SearchSecurity.com
by double-clicking on the file; by allowing components to download from the Web; by opening attachments; by allowing macros to run in opened documents; and even pre-viewing e-mail.
As you add more programs, services and capabilities to your systems, you expound upon the number of file extensions that can contain executable code. On a base installation of Windows 98, 2000 or XP with Office 2000 installed, there are over 170 file extensions that can be executed:
[TABLE]Look up these file extensions at WhatIs.com's "Every File Format in the World".
There are several actions you can take to reduce the risk posed by executable files. However, none offer complete protection and will ultimately reduce the functionality of your system and your Internet connectivity.
About the author
James Michael Stewart is a researcher and writer for Lanwrights, Inc.
|
|
Rate this Tip
|
To rate tips, you must be a member of SearchSecurity.com.
Register now
to start rating these tips. Log in if you are already a member.
|
Submit a Tip
|
DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.
|
|
|
|
|
|
|
