Security Management Strategies for the CIOViruses are only a problem when they are executed or the file that they are attached to is executed. The trick a malicious entity must perform to infect your system is to get you or your computer to execute the virus. Only after execution can the virus actually do anything -- just like a car can't take you anywhere until you turn on the ignition.
One of the most common ways for code to be executed on systems is to send it to a victim either as an e-mail attachment or as a downloaded component of a Web site.
You are probably aware that executable code exists in files with the extensions of .exe and .com. You should also be aware that many scripting languages have their own file extensions as well. Visual basic is a common language for malicious code; it uses an extension of .vbs. Executable code can be launched from your Start menu; from the Run command; from the Command Prompt; by double-clicking on the file; by allowing components to download from the Web; by opening attachments; by allowing macros to run in opened documents; and even pre-viewing e-mail.
As you add more programs, services and capabilities to your systems, you expound upon the number of file extensions that can contain executable code. On a base installation of Windows 98, 2000 or XP with Office 2000 installed, there are over 170 file extensions that can be executed:
| ??_ AD? ADE ADP ASP ASX BAS BAT BIN CDR CER |
Requires Free Membership to View
CHM CMD COM CPL CRL CRT CSC CSV DER DESKLINK DEV DIF DL? DO? DOC DOCHTML DOT DOTHTML DQY DSN DUN EML EXE FAV GMS GZ? HLP HT HT? HTA HTM HTML |
HTT HTW IM? INF INI INS IQY ISP ITS JOT JS? JSE LNK MAD MAF MAM MAPIMAIL MAQ MAR MAS MAT MAV MAW MD? MDA MDB MDBHTML MDE MDT MDW MDZ MHT MHTML MPP MPT MS? MSC MSI MSP MST NFO NMW NWS OBD OBT |
OCX OLE OQY OSS OV? P10 P12 P7B P7R P7S PBK PCD PFX PIF PKO PL PMA PMC POT POTHTML PP? PPA PPS PPT PPTHTML PRF PWZ QDS RNK RQY RTF SC2 SCD SCH SCR SCT SHB SHS SLK SMM SNP SPC SST STL |
STM SYSVB? UDL ULS URL VB? VBE VBS VS? WAB WBK WEBPNP WHT WIZ WIZHTML WPD WS? WSC WSF WSH XL? XLA XLB XLC XLD XLK XLL XLM XLS XLSHTML XLT XLTHTML XLV XLW XML XNK XSL XTP ZAP |
Look up these file extensions at WhatIs.com's "Every File Format in the World".
There are several actions you can take to reduce the risk posed by executable files. However, none offer complete protection and will ultimately reduce the functionality of your system and your Internet connectivity.
- Block all e-mail attachments or all attachments with suspect extensions.
- Disable script and macro execution in all programs.
- Set all trust levels to "do not trust" for programs, code, macros, etc.
- Prevent the installation or execution of unsigned and unapproved code.
About the author
James Michael Stewart is a researcher and writer for Lanwrights, Inc.
This was first published in July 2002
Join the conversationComment
Share
Comments
Results
Contribute to the conversation