NYBROOKLYN-L Archives

Archiver > NYBROOKLYN > 2001-12 > 1007348534


From: "Sherwood Anderson" <>
Subject: [Bklyn] OT - Another security how-to
Date: Sun, 2 Dec 2001 19:02:14 -0800


Listers,

Here is another tip to help protect your system from malicious attack. This
particular one has saved me from grief on two recent occasions.

swa

Trick the Worm
In addition to that all-important antivirus update, you can easily outsmart
a VBS-based virus by changing your computer's default action for VBS files.

Of course, you could change your Windows configuration so you can't run any
VBS files, thereby eliminating all possibility of this type of infection.
However, there's a relatively easy fix that will still permit a Web page or
other application to run a VBS file when such a function is actually needed,
but will block the double-click action. The fix is to change the default
action to Edit, which causes the file to open in Notepad rather than to
execute the script.

Here's how: In Windows Explorer, open Folder Options under the View menu
(moved to Tools in Windows Me and 2000). Select the File Types tab and
scroll to VBScript Script File. Click on the Edit button (Advanced in
Windows Me and 2000). Another window will open showing the possible file
actions, with the default action indicated in bold-face type. The default
action is likely Open. Highlight instead the word Edit and click on the Set
Default button. Edit should now appear in bold face.

In some older systems the Edit function may not appear. In such instances,
click the New button and enter Edit in the action field and Notepad.exe in
the application field. Once Edit appears, make it the default action as
shown above.

While in the file-type screen, also make sure the boxes for always show
extension and enable quick view are also checked. Click OK to close the open
windows.

Windows usually has several sample VBS files on the system in a folder named
"sample." Find one of these files and double click on it. If the action
causes Notepad to open and display the content of the file, you've done the
fix correctly and you're now safe from an accidental VBS e-mail infection.

S. W. Anderson

This thread: