WWW FAQ: Can I catch a virus by looking at a web page?

Can I catch a virus by looking at a web page?

Probably not, if you keep your software up to date.

Your computer can, of course, catch a virus if you download an executable program from an untrustworthy site and then, of your own free will, double-click on it in your file manager (or Mac desktop, or...). This is the same risk you run when downloading programs from bulletin board systems or via anonymous FTP.

Applets and Viruses

While Java applets and Javascripts are relatively safe, because they run in a "sealed" environment that limits what they can do, other types of applets such as Netscape plug-ins and Microsoft Active X controls have to be evaluated carefully before installing them. Although these plug-ins and controls can be "signed," this only means that the signing organization has looked them over and decided they are safe. They could be wrong. Also, from time to time, bugs have been found in the code responsible for making sure these signatures are authentic. These security bugs are promptly fixed, so keep up to date with the latest bug fixes for your favorite web browser.

Before installing an Active X control or Netscape Plug-In, understand that you should evaluate it the same way you would evaluate a new Windows application. It is just as potentially dangerous (or useful!). Java applets, on the other hand, differ because they run in a "sealed" box that limits what any Java applet can do. From time to time, bugs are found in this mechanism as well, but when they are corrected, the resulting safety applies to all applets.

Viewing images, filling out forms and so on is harmless. So, most likely, is downloading a program from a respectable source with a reputation to protect.

World Wide Web FAQ