Disable browser scripting to improve security
Computer users should be aware of the serious risks that their computer is exposed to, while surfing the web. Many of the websites visited may contain malicious code that can be used by the website owner to attack their computer in various ways. Recent statistics have shown that at least 1.5% of the Internet websites available are attempting to install trojans and other malicious programs into visitor's computer via a web browser or email client.
The problem comes from the use of downloadable code, like JavaScript, Java and ActiveX. Such code is usually referred to as scripting code. Such pieces of code are being auomatically downloaded by the web browser while surfing to a given website, and once downloaded the code is executed in the browser window. Alternatively, similar code can be executed inside mail clients like Outlook for example. While such code is usually harmless and intended to enhance web page functionality and provide computer users with an improved experience, lots of trojan and virus writers are attempting to thwart such programs into deadly tools that can be used to infect remote computers, display unwanted ads on their desktop, or even take control over the remote computer. Once the unsuspecting user has clicked on a link or used a form on the remote website, the deadly code is installed into his computer and executed via browser scripting, and the damage is done.
It is therefore clear, that browser scripting features are exposing computer users to a wide range of serious risks. However, we can look into several protection measures that can help us improve security and prevent such malicious code from reaching our computer. The first thing to do, is to block whatewer we do not need. Risks coming from browser scripting can be completely removed by turning off all scripting languages - and therefore you will no longer be vulnerable to malicious code on remote websites. But this has the drawback of severely impairing user experience on many websites, due to the fact that interactive website functionality usually requires scripting features, and there is a significat number of websites that will not even work at all if scripting is disabled completely. In such a situation, an alternative would be to configure your web browser in such a way that scripts are executed only on trusted sites. For example, Internet Explorer has a feature called security zones. You can disable web scripting by setting your browser security to high, and then when you reach a site that does not work properly without scripting, you can activate scripting for that given site that you trust, by adding it to your Trusted Sites zone.
Another thing that you should do is to keep your programs updated. Lots of security fixes and patches for web browsers and email clients, are being released by their software manufacturers. Particularly, Internet Explorer and Outlook are subject to ongoing security patching and fixing. If you are using these programs, it is strongly advised to use Automatic Updates to keep these products continuously updated with the latest versions and fixes from Microsoft; an outdated version of these programs would expose the computer user to serious risks. You may also want to install Service Pack 2 for Windows XP, as it contains feature that can help users with safer surfing and other under the hood security improvements as well.
When using email clients like Outlook for example, you can disable scripting, you can choose not to save possible dangerous attachments, and you can also disable loading of remote images and web pages in your email client. All these security measures are recommended; they will prevent your computer from getting infected with email trojans and improve overall security and privacy.
Finally, you can always use antivirus and anti-spyware programs that have script blocking capabilities, like Norton Antivirus for example. Although this will not prevent all risks, it can be a significant security improvement, and many such scripts will actually be blocked through access denied errors. You can also subscribe to online security protection services - there are such services available online, that can improve security and provide the user with much safer surfing through blocking computer access to given websites that are attempting to install such malicious code on remote computers.
The problem comes from the use of downloadable code, like JavaScript, Java and ActiveX. Such code is usually referred to as scripting code. Such pieces of code are being auomatically downloaded by the web browser while surfing to a given website, and once downloaded the code is executed in the browser window. Alternatively, similar code can be executed inside mail clients like Outlook for example. While such code is usually harmless and intended to enhance web page functionality and provide computer users with an improved experience, lots of trojan and virus writers are attempting to thwart such programs into deadly tools that can be used to infect remote computers, display unwanted ads on their desktop, or even take control over the remote computer. Once the unsuspecting user has clicked on a link or used a form on the remote website, the deadly code is installed into his computer and executed via browser scripting, and the damage is done.
It is therefore clear, that browser scripting features are exposing computer users to a wide range of serious risks. However, we can look into several protection measures that can help us improve security and prevent such malicious code from reaching our computer. The first thing to do, is to block whatewer we do not need. Risks coming from browser scripting can be completely removed by turning off all scripting languages - and therefore you will no longer be vulnerable to malicious code on remote websites. But this has the drawback of severely impairing user experience on many websites, due to the fact that interactive website functionality usually requires scripting features, and there is a significat number of websites that will not even work at all if scripting is disabled completely. In such a situation, an alternative would be to configure your web browser in such a way that scripts are executed only on trusted sites. For example, Internet Explorer has a feature called security zones. You can disable web scripting by setting your browser security to high, and then when you reach a site that does not work properly without scripting, you can activate scripting for that given site that you trust, by adding it to your Trusted Sites zone.
Another thing that you should do is to keep your programs updated. Lots of security fixes and patches for web browsers and email clients, are being released by their software manufacturers. Particularly, Internet Explorer and Outlook are subject to ongoing security patching and fixing. If you are using these programs, it is strongly advised to use Automatic Updates to keep these products continuously updated with the latest versions and fixes from Microsoft; an outdated version of these programs would expose the computer user to serious risks. You may also want to install Service Pack 2 for Windows XP, as it contains feature that can help users with safer surfing and other under the hood security improvements as well.
When using email clients like Outlook for example, you can disable scripting, you can choose not to save possible dangerous attachments, and you can also disable loading of remote images and web pages in your email client. All these security measures are recommended; they will prevent your computer from getting infected with email trojans and improve overall security and privacy.
Finally, you can always use antivirus and anti-spyware programs that have script blocking capabilities, like Norton Antivirus for example. Although this will not prevent all risks, it can be a significant security improvement, and many such scripts will actually be blocked through access denied errors. You can also subscribe to online security protection services - there are such services available online, that can improve security and provide the user with much safer surfing through blocking computer access to given websites that are attempting to install such malicious code on remote computers.
This information is provided without any warranties of any kind. Use it at your own risk. Terms and conditions