Slashdot Mirror


Windows 7 Users Warned Over Filename Security Risk

nandemoari writes "Would-be Windows 7 users have been warned to change a default setting which could leave them vulnerable to attack via bogus files. As a result, Microsoft is taking flak for failing to correct a problem found in previous editions of Windows. The issue involves the way Windows Explorer displays filenames. In all editions of Windows after Windows 98, the default setting hides the filename extension (which identifies what type of file it is). This means that a Word file titled 'partyinvite.doc' will show up in Windows Explorer as simply 'partyinvite'. The only exception to this rule is if Windows does not recognize the file type. The reason for this setting is that it makes for a less cluttered look and avoids filling the screen with redundant detail. However, a flaw in the way it works leaves it liable to exploitation by hackers. They can take an executable file (which can do much more damage to a computer when opened) and disguise it by calling it 'partyinvite.doc.exe.'"

6 of 613 comments (clear)

  1. How can this be? by Burkin · · Score: 5, Funny

    How can this possibly be? I thought this was the most secure OS on the planet.

    1. Re:How can this be? by David+Gerard · · Score: 5, Funny

      Bah. Vista is far superior. Windows 7 is for Mac-wannabes who want to "do" things with their computer, not just admire its AWESOME MIGHT as your CPU fan starts lifting your house into the air.

      --
      http://rocknerd.co.uk
    2. Re:How can this be? by commodore64_love · · Score: 5, Funny

      VISTA is a monument to everything that makes us the country we are!

      Fat, slow, and obsessed with superficialities like pretty shiny colors?

      --
      "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
  2. umask 224 by ArsonSmith · · Score: 5, Funny

    it shouldn't be made executable by the default umask though, so when you go to click on it it'll just try to associate an application with the .exe extension.

    --
    Paying taxes to buy civilization is like paying a hooker to buy love.
  3. Bah by MyLongNickName · · Score: 5, Funny

    This is a non-issue. With all of the vulnerabilities in applications that think they are a programming interface (like Acrobat), EXE's might actually be safer to open.

    --
    See my journal for slashdot ID's by year. Mine created in 2005. http://slashdot.org/journal/289875/slashdot-ids-by-year
  4. Re:I never did like that feature by TheBig1 · · Score: 4, Funny

    I don't what else ... makes no sense at all.

    Ahh.... Irony at its best... ;-)