Can Registry be written by JavaScript
Writing about Registry it came over to me, "Is there any way to write to Registry from within an HTML page using javascript or so?". That's impossible! Browsers are expected to allow reading and writing on users machine only in cookies and ability to read/write Registry would be a security breach.
Then the second question "Is there exist any flaw in browsers that allow to write to Registry?". Now the question seems rational.
And the answer unfortunately is Yes!
As available at http://www.microsoft.com/technet/security/bulletin/ms00-075.mspx
The Microsoft VM is a virtual machine for the Win32® operating environment. It runs atop Microsoft® Windows 95, 98, Windows Me, Windows NT 4.0, or Windows 2000. It ships as part of each operating system, and also as part of Microsoft Internet Explorer. The version of the Microsoft VM that ships with Microsoft Internet Explorer 4.x and Internet Explorer 5.x contains a security vulnerability that could allow a Java applet, on a malicious web site to take any desired action on a visiting user's machine.
The Microsoft virtual machine (Microsoft VM) contains functionality that allows ActiveX controls to be created and manipulated by Java applications or applets. This functionality is intended to only be available to stand-alone Java applications or digitally signed applets. However, this vulnerability allows ActiveX controls to be created and used from a web page, or from within a HTML based e-mail message, without requiring a signed applet. If a user visited a malicious web site that exploited this vulnerability, a Java applet on one of the web pages could run any desired ActiveX control, even ones that are marked as unsafe for scripting. This would enable the malicious web site operator to take any desired action on the user's machine.
This is the same vulnerability that can be exploited from Internet Explorer or Outlook Express to not only read/write to registry calling the shell object, but do anything with your computer.
The link mentioned above announces availibility of a patch to eliminate this security vulnerability. Unfortunately a large number of users are unaware of such vulnerabilities and are prone to attacks similar to W32.Feldor.A virus (details at http://www.symantec.com/security_response/writeup.jsp?docid=2005-120316-1801-99&tabid=2)
Moral : Don't stick to old versions of your browser. New versions of software are not only intended to provide rich user experiance, they also intend to patch flaws that existed in older version.
Introducing AmulHits.com
Recent Posts
- Say Hello to Google DART
- Facebook or Google+ ?
- HAPPY NEW YEAR 2012
- Only Great Minds Can Read This
- Split 5 Photos for Google+ Profile
- Yahoo Pipes – Know Your Top Google+ Followers
- Say Hello to Google DART
Blogroll
All Time Toppers
Archives
- April 2012
- January 2012
- December 2011
- October 2011
- August 2011
- July 2011
- June 2011
- May 2011
- April 2011
- March 2011
- February 2011
- January 2011
- December 2010
- November 2010
- October 2010
- September 2010
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- August 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
On Google+
December 31st, 2008 - 07:43
i want to javascript for register form pls help me.
December 31st, 2008 - 07:45
How we write a javascript for register form to vaild the emailid and password.