http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9132626

By Gregg Keizer
May 6, 2009
Computerworld

Windows 7 Release Candidate (RC) continues a long-running Microsoft practice that puts users at risk, a security researcher said today.

The new operating system's Windows Explorer file manager still misleads users about the true extension of a file, said Patrik Runald, chief research advisor at Helsinki-based F-Secure Corp. Rather than reveal the full extension for a filename, Windows Explorer hides the extension for known file types, giving hackers a way to disguise malware by using those file types' extensions and icons.

Windows Explorer, for example, will show the .txt icon and display "attack.txt" as the filename for a Trojan horse that's actually been named "attack.txt.exe" by the hacker.

The practice goes back to at least Windows NT, and has been criticized in the still-popular Windows XP and the newer Windows Vista.

"People typically look at the icon to know what the file is," said Runald. "If it looks like a Word doc or a PDF file, there's an implicit trust in it, and users are more likely to click on those files, even if they are actually an executable."

[...]

Received on Wed May 06 2009 - 22:32:00 PDT
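The following is an added example, not part of the article or of any F-Secure or Microsoft code: a filename check that models the "hide extensions for known file types" display and flags names whose real extension is executable while the shown name ends in a document-style extension. The extension sets, function names and sample filenames are assumptions constructed for illustration.

```python
import os

# Assumed extension sets for illustration; tune them for your environment.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".js"}
DECOY_EXTS = {".txt", ".doc", ".docx", ".pdf", ".xls", ".jpg", ".png"}
KNOWN_EXTS = EXECUTABLE_EXTS | DECOY_EXTS


def explorer_display_name(filename, hide_known=True):
    """Model the name a user sees when known extensions are hidden."""
    stem, ext = os.path.splitext(filename)
    if hide_known and stem and ext.lower() in KNOWN_EXTS:
        return stem
    return filename


def is_disguised(filename):
    """True if the real extension is executable but the part left of it
    ends in a document-style extension (for example attack.txt.exe)."""
    stem, ext = os.path.splitext(filename)
    if ext.lower() not in EXECUTABLE_EXTS:
        return False
    # Padding spaces before the real extension are stripped before checking,
    # so "report.pdf   .scr" is treated like "report.pdf.scr".
    inner_ext = os.path.splitext(stem.rstrip())[1]
    return inner_ext.lower() in DECOY_EXTS


def find_disguised(filenames):
    """Return (real name, displayed name) pairs for suspicious files."""
    return [(n, explorer_display_name(n)) for n in filenames if is_disguised(n)]


# Constructed sample listing, e.g. attachment names or a directory scan.
SAMPLE = [
    "attack.txt.exe", "notes.txt", "setup.exe", "Invoice.PDF.EXE",
    "report.pdf   .scr", "archive.tar.gz", "photo.jpg",
]

if __name__ == "__main__":
    for real, shown in find_disguised(SAMPLE):
        print(f"{real!r} is shown to the user as {shown!r}")
```

The same function can be run over mail-gateway attachment names or the output of `os.listdir()` on a download folder; it inspects names only and does not examine icons or file contents.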