Re: Double clicking on innocent looking files may be dangerous

From: Nexus (nexusat_private-WAY.CO.UK)
Date: Mon Apr 16 2001 - 14:31:08 PDT

    Using Windows 2000 Pro 5.00.2195 SP1 & latest hotfixes and the demonstration
    file supplied by Georgi, this file appears using the icon for an
    unregistered file type despite the testhta.txt filename - a big clue - this
    was seen in Explorer and IE 5.5. Needless to say, my AV software jumped on
    it straight away. Also it was noted that in the ZIP file and when viewing
    the [testhta.txt] file properties, it was classed as an HTML application,
    which would also alert the user - the CLSID section is also seen in the ZIP
    viewer. I shall skip the oft-mentioned rant on the subject of running
    unknown and unexpected files of strange types from unknown and untrusted
    sources ;-)
    
    Cheers.
    
    ----- Original Message -----
    From: "Georgi Guninski" <guninskiat_private>
    To: <BUGTRAQat_private>
    Sent: Monday, April 16, 2001 3:23 PM
    Subject: Double clicking on innocent looking files may be dangerous
    
    
    > Georgi Guninski security advisory #42, 2001
    >
    > Double clicking on innocent looking files may be dangerous
    >
    > Systems affected:
    > Windows Explorer, Internet Explorer - Windows 98, 2000 - when browsing
    > directories or shares
    >
    > Risk: High
    > Date: 16 April 2001
    [snip]
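
A defender-side check for the clue noted in the reply above (the CLSID section being visible in the ZIP viewer), as an added example that is not part of the original thread: it lists ZIP entries whose final name component ends in a `.{CLSID}` suffix. It assumes the demonstration file carries the CLSID as a trailing part of its name; the function names and the sample archive, with its placeholder GUID, are constructed here.

```python
import io
import re
import zipfile

# Trailing ".{xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}" on a name component.
CLSID_SUFFIX = re.compile(
    r"\.\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}$"
)


def clsid_suffixed_entries(zip_bytes):
    """Return (stored_name, name_without_suffix) for every archive entry
    whose last path component ends in a .{CLSID} suffix."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            # ZIP uses "/" as separator; tolerate "\" written by some tools.
            path = info.filename.replace("\\", "/").rstrip("/")
            leaf = path.rsplit("/", 1)[-1]
            match = CLSID_SUFFIX.search(leaf)
            if match:
                findings.append((info.filename, leaf[: match.start()]))
    return findings


def build_sample_zip():
    """Constructed sample archive; the GUID is a placeholder, not a real class."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("docs/readme.txt", "plain text")
        zf.writestr(
            "docs/notes.txt.{00000000-0000-0000-0000-000000000000}", "x"
        )
        zf.writestr("report{draft}.txt", "braces but no CLSID suffix")
    return buf.getvalue()


if __name__ == "__main__":
    for stored, shown in clsid_suffixed_entries(build_sample_zip()):
        print(f"suspicious entry: {stored!r} (reads as {shown!r} without the suffix)")
```
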
    


