调整安全区域设置以防止 MS Internet Explorer 中的病毒。

Using the Internet Explore program and Outlook program on the Windows operating system as tools for surfing the Internet. For example, it is used for sending and receiving mail, viewing news and entertainment via various websites, etc. However, at present, problems arise from computer viruses. With users of both programs, the damage is starting to become more severe day by day.

调整安全区域设置以防止 MS Internet Explorer 中的病毒。

Using the Internet Explore program and Outlook program on the Windows operating system as tools for surfing the Internet. For example, it is used for sending and receiving mail, viewing news and entertainment via various websites, etc. However, at present, problems arise from computer viruses. With users of both programs, the damage is starting to become more severe day by day.

Compiled by: Chawalit Tinnakorn Sutbutra
Source : ThaiCERT: Thai Computer Emergency Response Team, Computer Security Coordination Center, Thailand
Compiled on: 19 September 2001

 

Using the Internet Explore program and Outlook program on the Windows operating system as tools for surfing the Internet. For example, it is used for sending and receiving mail, viewing news and entertainment via various websites, etc. However, at present, problems arise from computer viruses. With users of both programs, the damage is starting to become more severe day by day. This can be seen from examples of damage caused to the LoveBug, SirCam, and Nimda viruses that are currently spreading heavily. These viruses spread easily without the need to open the files inserted in the email. Just click to view the contents of the email. The machine can be infected with a virus. These viruses rely on the properties of IE and Outlook programs by running ActiveX Control Script, JavaScript, or even loading files onto the machine and running them automatically, such as programs with the extension exe, bat. Vbs, etc.

Therefore, preventing web pages or received emails from automatically executing scripts is one option to prevent the spread of viruses. In the IE program since version 4.0 and up, there will be a feature. Security Zone settings to allocate the security importance of each area (Zone) to each website that users use. Whenever the user opens or loads information from the website The program will check the security level of each zone that the user has set. You can go to the menu Tools -> Internet Options -> Security Tab

The Zone can be divided into four types:

  • Internet: refers to other parts that are not part of the user's machine, such as the Intranet or the internet. Generally, it is set to Medium
  • Local intranet: refers to a computer or All websites in the organization's Intranet, such as map drives of machines in the organization (computernamefoldername) is generally set to Medium
  • Trusted sites : refers to websites or machines that you consider trustworthy. By enabling or Load data without worrying about whether it contains viruses or not. It is generally set to Low.
  • Restricted sites: refers to websites or machines that you do not believe to be safe. It is generally set to High.

In the setting of various properties of each zone by pressing the Custom Level button, every zone will have the same settings. As shown in the picture

There are 4 levels of settings: High, Medium, Medium-Low, Low, which will set different settings. Here we will introduce the settings. To protect against viruses written from ActiveX Control and Java Script

Security Zone settings to protect against viruses
Because most viruses spread from outside. The user's machine, both via mail, the web, and file sharing. Therefore, security settings should be set to Internet Zone and Restricted Zone to be most appropriate. And because the program's default settings are Medium-Low, security still cannot be protected. Important properties for preventing virus activation are in the sections ActiveX , Active script , Java Script and File Download

Outlook 98

  • Select Options from the Tools menu
  • Select tab Security
  • Select Zone Settings. (In Outlook Express, select the Restricted Zone button and press Apply, to activate the settings. Skip to IE4 and IE5 settings to configure Restricted Zone and Internet security.)

  • Press the button. OK
  • Select button Custom.
  • Select Settings.
  • Select the Reset Settings menu to High Security and press the Reset button.
  • In the Setting menu, it shows various features. that the system can work Generally, there are three levels: Disable means not giving permission to run the script. Prompt means waiting for permission to run the job before using it. The program will display a Dialog Box saying "Do you want to allow scripts to run" and Enable means to allow the automatic execution of the Script

 

IE4 and IE5 settings to set Restricted Zone and Internet security

  • Select Internet Options from the View menu (or Tools menu for IE5)
  • Select Tab Security
  • Select Internet Zone.
  • Select Custom.
  • Select Settings (there will not be this button in IE5).
  • Select the Reset Settings menu to High Security and press the Reset button
  • Press the button. OK
  • Return to the main page of Tab Security, select Restricted Zone, and do the four steps above.

summary
The above mentioned method is one way to prevent (not a way to fix) viruses written from ActiveX Control and Java. This method also prevents the automatic execution of viruses. The advantage of this method is that it can protect against new viruses. The disadvantage of the setting may be that it may cause inconvenience in running the website. However, the best way to solve this problem is to install new patches regularly.

References

  • http://archives.neohapsis.com/archives/ntbugtraq/2001-q1/0032.html