DON'T SURF IN THE NUDE
Security on a Shoestring
JavaScript - a benign set of capabilities?
Scripts are programs which run inside other programs and are written in a language which people can read. If you look at the HTML of a web page, you can read any scripts present: they begin with <script> and end with </script>. JavaScript was developed by Netscape, the company which developed the Netscape Navigator browser. When Microsoft produced Internet Explorer, they produced their own version of JavaScript called JScript, and a new scripting language called Visual Basic Script (VBScript). These are only found in Internet Explorer, but JavaScript is supported by most browsers.

An introduction to scripting languages itwales.com
Introducing Visual Basic Script (VBScript) William Robert Stanek
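
The point above, that a page's scripts can be read between <script> and </script>, as an added example (not from the original page): a small Node.js function that lists each script block in an HTML string and marks the VBScript and JScript ones, which only Internet Explorer runs. The sample HTML, the function names and the regex-based matching are assumptions made for illustration; a full HTML parser handles more cases.

```javascript
// Added example: inventory the <script> blocks in an HTML string and report
// which scripting language each one declares.
// SAMPLE_HTML is constructed for this illustration.
const SAMPLE_HTML = `
<html><head>
<script type="text/javascript" src="menu.js"></script>
<script language="VBScript">MsgBox "hello"</script>
</head><body>
<SCRIPT>document.title = "hi";</SCRIPT>
<script language="JScript">var x = 1;</script>
</body></html>`;

// Languages the page describes as found only in Internet Explorer.
const IE_ONLY = ["vbscript", "vbs", "jscript"];

// Read one attribute from a tag's attribute text.
// Accepts name="v", name='v' and unquoted name=v.
function attr(tagAttrs, name) {
  const re = new RegExp(
    "(?:^|\\s)" + name + "\\s*=\\s*(?:\"([^\"]*)\"|'([^']*)'|([^\\s>]+))", "i");
  const m = re.exec(tagAttrs);
  return m ? (m[1] ?? m[2] ?? m[3]) : null;
}

// Return one record per <script>...</script> pair, matched case-insensitively.
function listScripts(html) {
  const re = /<script\b([^>]*)>([\s\S]*?)<\/script\s*>/gi;
  const found = [];
  let m;
  while ((m = re.exec(html)) !== null) {
    // A script tag with no language or type is treated as JavaScript.
    const declared = (attr(m[1], "language") || attr(m[1], "type") || "javascript")
      .toLowerCase().replace(/^text\//, "");
    found.push({
      language: declared,
      source: attr(m[1], "src") || "inline",
      ieOnly: IE_ONLY.some((l) => declared.startsWith(l)),
      code: m[2].trim(),
    });
  }
  return found;
}

for (const s of listScripts(SAMPLE_HTML)) {
  const where = s.ieOnly ? "Internet Explorer only" : "most browsers";
  console.log(`${s.language.padEnd(12)} ${s.source.padEnd(8)} ${where}`);
}
```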

Security

JavaScript runs within your internet browser, and is controlled by security policies imposed by the browser. It is limited in the access it has to your computer:

"A security policy is simply a set of rules governing what scripts can do, and under what circumstances. ...these policies restrict JavaScript to a fairly benign set of capabilities."

JavaScript Security windowsitlibrary.com

"You can't get there from here.
One important part of client-side JavaScript's security is that there are a number of things you just can't do. There are no objects with which to access the client's files, interrogate the client's network connections, execute operation system commands, or execute programs. At times, this lack of certain features can be annoying, but it prevents a world of problems."

Edmond Woychowsky
JavaScript security is making strides builder.com.com

What are the risks?

Despite JavaScript's "benign capabilities", it has been called "probably the most abused scripting language on the planet" (Dafydd Rees). A quick search of the internet reveals that all web browsers have had JavaScript security vulnerabilities in the past which left them open to attack from viruses and worms, and their makers have had to issue patches to fix these vulnerabilities.

JS.Gigger.A@mm Symantec Security Response

Microsoft's Internet Explorer has had security vulnerabilities with VBScript, again leaving it open to attacks from viruses and worms, and Microsoft have issued patches to fix them. 

New Explorer 6 active scripting flaw reported computerworld.com
Extreme risks in Microsoft VBS scripting host nsclean.com

New ways of using JavaScript and other scripts for malicious intent are constantly emerging. 

Frequently Asked Questions About Malicious Web Scripts Redirected by Web Sites cert.org

What should I do?

Whichever browser you use, check for updates regularly. You are very unlikely to be the first victim of a virus or worm. A vulnerability exploited by a new virus or worm will most likely be patched before you encounter that virus or worm. However, if you continue surfing with an unpatched browser after the vulnerability has been patched, you are very likely to be a victim.

Consider a browser other than Internet Explorer. IE is vulnerable to security weaknesses in VBScript where other browsers are not.

Why You Should Dump Internet Explorer lockergnome.com
US-CERT: Beware of IE internetnews.com
Mozilla Firefox 1.0 ZDNet UK

Even if "JavaScript cannot reformat your hard drive, change the contents of files, or make your cat go bald," it is still responsible for many web irritations, for example pop-up ads and web pages which try to take control of your browser from you. Use a pop-up blocker. JavaScript is blocked in the IE Restricted Zone, so add bad sites to this zone and they will be prevented from using JavaScript. Blocking JavaScript for all sites is possible, but some sites, for example Hotmail, will not work without it.

Dirty Web Promotion Tricks #1 - Legitimate and Malicious Javascripts ciwss.com
