Web 2.0 Sites Could Produce Malicious Code

Experts caution that Web 2.0-type sites such as 'Wikipedia' and 'YouTube' could have malicious code in their pages that could place business systems at risk. To avoid such dangers, firms need to have sophisticated 'content security solutions'.

In the opinion of Tom Newton, 'product manager' at 'SmoothWall', these sites would have no worth without 'user-generated content'. But they are not able to check all aspects of that content for malevolent code. For e.g., uploading executables may be hampered while users might allow embedding some mild HTML that can present exploits for Internet Explorer.

Sophos says when 'MSBlast' worm entered the German version of the popular online encyclopedia 'Wikipedia', an alert was circulated about the 'Lovesan/MSBlast' worm in its new version and that the site produced links to an assumed fix in early November 2006. The anti-virus vendor later reported that the version was actually a piece of malware.

Newton explains security tools that filter URL only would be ineffective on these kinds of attacks because users can no longer rely on a site by what displays in the address bar. Therefore, adds Newton, firms should employ more 'comprehensive, real-time scanning' technologies.

U.K. 'managing director', Chris Seth of social networking site 'Piczo' said that the company has various mechanisms to lessen risks. It also automatically checks to prevent entry of malicious code. There is a 'member services team' that scans the site's pages manually and tries to provide solutions to any alerts reported by users.

Newton further said that firms required 'perimeter anti-virus', 'internal firewalls', 'content filters' and 'limited user privileges'. The firm's Limor Elbaz emphasized on sites scanning all 'uploaded content' at the gateway entry point to diminish threats. Nigel Stanley of 'Bloor Research' called on 'behavioral-based anti-malware' with effective algorithms as the best way to detect and stop such attacks.

However, Gerhard Eschelbeck, 'chief technology officer' for 'Webroot', pointed that it was a difficult challenge to resolve because there were problems in defining malicious code and how much of it was acceptable. Further, blocking certain pages or sites is appropriate "at the end node" by an individual or organization.

Related article: Web Browsers Too Have Security Exploits

» SPAMfighter News - 12/5/2006