How dangerous is Java Script?

[Drax]

I was told that leaving Java Script and Active Scripting Turned On in
Internet Explorer can be dangerous? What is the danger?

Could Java Script and Active Scripting being Turned On in Internet
Explorer effect my Desktop setting? Because if I leave Java Script
and Active Scripting Turned On the next time I reboot my PC the
Display setting are returned to default? I run Win XP.

Also I remember a Worm [Blaster Internet Worm?] a few years back that
blocked access to the internet; did that have anything to do with Java
Script or Active Scripting?

TIA

 

[Beauregard T. Shagnasty]

I was told that leaving Java Script and Active Scripting Turned On in
Internet Explorer can be dangerous? What is the danger?

JavaScript is one word.

Could Java Script and Active Scripting being Turned On in Internet
Explorer effect my Desktop setting? Because if I leave Java Script
and Active Scripting Turned On the next time I reboot my PC the
Display setting are returned to default? I run Win XP.

Probably not to do what you describe. That would be pointless.

Also I remember a Worm [Blaster Internet Worm?] a few years back that
blocked access to the internet; did that have anything to do with Java
Script or Active Scripting?

No, Blaster would get you if you didn't have a firewall.

Regarding your browser:
http://k75s.home.att.net/tips.html

 

[David H. Lipman]

From: "Drax" <[email protected]>

| I was told that leaving Java Script and Active Scripting Turned On in
| Internet Explorer can be dangerous? What is the danger?
|
| Could Java Script and Active Scripting being Turned On in Internet
| Explorer effect my Desktop setting? Because if I leave Java Script
| and Active Scripting Turned On the next time I reboot my PC the
| Display setting are returned to default? I run Win XP.
|
| Also I remember a Worm [Blaster Internet Worm?] a few years back that
| blocked access to the internet; did that have anything to do with Java
| Script or Active Scripting?
|
| TIA

As with any scripting language malicious scripting is always a possibility and many a .CLASS
file inside a java Jar (ZIP type file) or outside a Java Jar has been found to be Trojanized
with TopMoxie or ByteVerify as simple examples.

Java had NOTHING to to with the Lovsan/Blaster worm.

The Lovsan/Blaster worm (and now numeerous other Bots) take advantaged of an unpatched
buffer overflow vulneraibility in the RPC/DCOM-RPCSS functionality of WinNT based OS's.
Using TCP port 135 the PC is probed for the vulnerability and then if found, it is
exploited. Nothing about Java is involved in that.

 

[John Coutts]

I was told that leaving Java Script and Active Scripting Turned On in
Internet Explorer can be dangerous? What is the danger?

Could Java Script and Active Scripting being Turned On in Internet
Explorer effect my Desktop setting? Because if I leave Java Script
and Active Scripting Turned On the next time I reboot my PC the
Display setting are returned to default? I run Win XP.

Also I remember a Worm [Blaster Internet Worm?] a few years back that
blocked access to the internet; did that have anything to do with Java
Script or Active Scripting?

TIA

************* REPLY SEPARATER ************
Javascript can be used to infect a PC, but it is not straight forward. Java has
generally taken the low road as far as capabilities are concerned, unlike some
other forms of scripting such as VB Scripts. The real danger is ActiveX, which
can load programs on your PC without your knowledge or consent. Generally,
ActiveX is implemented through Active Scripting. so if you control Active
Scripting, then you control ActiveX. The danger in ActiveX is probably the main
reason that Mozilla does not support it, and presumably never will.

J.A. Coutts