The title of this book introduces a new term for all kinds of harmful, self-replicating code: computer viruses, macro viruses, worms, Trojan horse programs, email exploits, Java and ActiveX script attacks, instant messaging attacks, and Internet browser exploits. The author intends to provide answers and solutions to questions and issues associated with malicious mobile code (MMC).

Most chapters in the book are organized into five parts: technology overview, examples of MMC associated with this technology, detection of malicious mobile code, removal of MMC, and prevention of malicious mobile code contamination. The first part of the book is devoted to the early forms of MMC, namely viruses, Trojan horses, and worms. Chapter 2 discusses DOS-based malicious mobile code, and how such code can still be harmful today. The next two chapters discuss Windows (3.1x, 9x, NT, ME, and 2000) technology, and the increasingly sophisticated MMC created to attack computers running these operating systems. The chapters after this cover macro viruses, Trojan horses and worms, instant messaging attacks, Internet browser exploits, harmful Java applets, malicious ActiveX controls, and email attacks. An overview of MMC hoaxes is next. The book concludes with chapters on creating meaningful protection against MMC, and a discussion of what the future may bring in this area.

This is a very good book. The presentation is typical of books published by O’Reilly: well edited, with an attractive cover, and with icon-identified notes and warnings dispersed throughout the text. The author’s writing style is appealing, with the clarity and conciseness necessary to address the topics adequately without the book becoming overlong. He names and describes MMC for every attack discussed in the book. His “how-to” sections (detection, removal, and prevention) are detailed enough to allow the reader to implement the proposed solutions. There are no references (this is definitely not a textbook), but the author provides plenty of pointers (Web sites, newsgroups, and so on) for the reader to explore topics further.

The chapter on defense against malicious mobile code describes what a security administrator for an enterprise--with workstations, application servers, email servers, and Internet/intranet servers--should do to prevent or limit the damage inflicted by MMC. A highlight of this chapter is the integration of all the answers and solutions presented in the preceding chapters.

The author has much experience in the field, and he ends by using it to predict the future for computers and their security. This final chapter is, of course, prognostication, but the message is clear: no matter what computing becomes, and no matter how secure we can make it, the crackers will not rest. Neither should we. If you cannot afford to rest either, you should get this book, and use it.