Found this article from F-Secure who discovered a security lapse on the new version of Windows. The fault is nothing new and in fact it exist on the previous and current build. In windows explorer of Windows NT, 2000, XP and Vista, user can hide extensions of known file types just by going to Tools>Folder Options. Virus coders used this "feature" to make people mistake executables for stuff such as document files. The trick is to rename any executable file and add any known file type, For example you can make MALWARE.EXE to MALWARE.TXT.EXE and Windows will automatically hide the .EXE part of the filename that would be tricky to ordinary computer users.Here are some sample screenshots of the testing done by F-Secure in Windows 7.
It look like just a text file
But on command prompt, the exe is uncovered.
This is a very easy way to get people clicking on the unsafe files.
If you want to be notified for future tech news, subscribe now
0 comments:
Post a Comment