script blocking

Well I know a bit about Virus, Trojans, Worms, Spyware and Ad ware, but what exactly is Avast doing when it blocks scripts, what are these scripts??? Sure you will think this is another dull question…sorry in advance… :slight_smile:

Have a look at http://mrspock.dsmirc.co.uk/
At the bottum you will see todays date.
That is written in JavaScript.
In this case the script is just showing todays date, but you can let do scripts all kind of things.

Thank you for that Eddy…how does Avast know what scripts to block? or does it just block all of them???

avast! scans the scripts and block only the infected ones.
avast! does not block all the scripts, I mean, the good ones 8)

I wish it worked in the opera and firefox browsers.

Hi Susz,

A script is a type of computer program- a set of instructions for the computer to follow- but unlike other computer programs, a script needs a special application to be present on the computer to run it: the computer itself cannot run a script. Javascript, for example, runs inside a web browser.

Scripts are written in language we (humans) can read: they need another program to interpret them so that the computer can implement them. There are other types of computer program which humans cannot read because they are in computer language: just a series of ones and zeros.

These programs are written in a programming language which humans can understand, then compiled into a language which the computer understands. You can’t read the avast! program, for example, but your computer can understand it. If you wanted to read the instructions contained in the avast! program, you would have to decompile it, which is beyond most computer users (me anyway) not to say probably illegal.

Scripts on the other hand are easy to read: you can read a Javascript on a web page, tinker about with it and try it out yourself, and this doesn’t require a great amount of expertise. For this reason, scripts appeal to anybody who aspires to be a virus writer but who has little programming skill, only the malicious intent. It’s relatively easy to write a malicious script or to modify one found on the web. Hence the term script kiddy for a talentless virus writer.

Javascript runs in your browser, where a strict security policy says what it can and can’t do. A malicious Javascript must find a weakness in the browser’s security before it can do anything malicious. You can’t write a Javascript which says ‘wipe the hard drive’ for example.

A more dangerous script is Visual Basic Script (VBS) which runs under Windows Scripting Host (WSH). Malicious VBS scripts ‘can be created by anyone lacking a social conscience and with the ability to download free software.’ (See Computer Shopper link below.)

The Pro version of avast! blocks malicious scripts both within your browser (as long as it’s Internet Explorer) and in the WSH:

http://www.avast.com/eng/avast_4_professional.html

(I don’t think the script blocker works with Firefox, because IE uses WSH to impliment Javascript and Firefox doesn’t.)

This means that the home version will not protect from malicious VBS scripts:

The free Home edition does not include the ability to detect harmful scripts and our results confirm that you are at risk from malevolent Visual Basic code if you rely solely on this program for protection.

http://www.transceiver.co.uk/txt/av05-02.html

Which is why anybody who uses the home version should also use a script blocker program to block all VBS scripts. VBS can be allowed for legitimate applications. Microsoft uses it for some program installations, I think. Program installations sometimes ask for antivirus programs to be turned off, for the reason that many do block scripts.

There are two script blockers available:

http://www.jasons-toolbox.com/programs.asp?Program=Script%20Sentry

http://www.analogx.com/contents/download/system/sdefend.htm

Microsoft Anti-Spyware also blocks scripts + 56 other things.

Malicious Javascripts can be foiled by keeping your browser up to date.

And of course paying for the Pro version of avast! might also be worth the investment.

Hope this is useful and accurate (I’m sure somebody will tell me if it’s not) and makes up for my long absence. :wink:

Hope this is useful and accurate (I'm sure somebody will tell me if it's not) and makes up for my long absence.

Well done and very useful !

Nicolas

What happened? :wink:

Nothing. I’ve just been on holiday. 8)

Thank you Frank I found the information interesting…(.now I know what a script is) and I appreciate the time you took to explain it so that an idiot like me can understand it… ;D

Susannah, I simply explained it as I had explained it to myself while investigating the subject. That puts both of us in the same boat, and it doesn’t say HMS IDIOT on the side! :wink:

Hi also correct me if I am wrong but I believe that microsofts malicious toolware remover also blocks it as well, lets put it this way with avast pro as my main antivirus on here at least I feel safe, also Tech nice to have you back.

Hi Susz and timcan,

Yes script is dangerous code that try to run on your computer from various sources, this could be a webside with this dangerous code embedded. So it could be useful to have something aboard your browser with which you could pre-scan a link (the place where you are going to click, but do not know if there could be dangerous script luring behind). Such a non-resident small plug in for your browser (also FF and Opera) exists it is Dr.Webs browser plug in. All the scanning is done outside your computer on the update server of Dr. Web at St. Petersburg (this service and the plug-in is free and in English). Oh yeh the link there is:
http://info.drweb.com/show/2653
The virus definitions are very regularly updated (nr. 2 in the world behind Kaspersky’s). Susz install it into your browser, and whenever in doubt you might click into a site with malicious script embedded, pre-scan with Dr. Web, if they say it is OK, you can click the link, and eventually pre-scan the next link or a download-link. Feel a lot better and safer now?

greets,

polonus

Am I wrong, but does not avast have a script blocker in it, as everytime, I log on with IE6 my Avast pops up and tells me Script blocking working, please correct me if I am not correct.

Yes it does, and that is why I asked the original question, it blocked a script…but I didn’'t really understand what a script was… :slight_smile:

OK thanks makes it clearer for me as well, by the way nice topic, cleared a lot of points up, in what brain I have anyway.

https://www.finjan.com/SecurityLab/SecurityTestingCenter/exploitFinjanPublicVBScriptDemo.aspMy avast pro failed this script test. Is there something I need to tweak? I downloaded analog x scriptblocker that FreewheelingFrank posted a link to (it works).I used IE for this test.

Again, is this script infected or not.
avast! just scans scripts, not block them.
Maybe the name of the provider brings this confusion: script blocker if it is infected.
AnalogX blocks all scripts you set it to do while running, asking if it should continue or not.

now I am confused… ???

Why?