Windows 7 Users Warned Over Filename Security Risk

nandemoari writes "Would-be Windows 7 users have been warned to change a default setting which could leave them vulnerable to attack via bogus files. As a result, Microsoft is taking flak for failing to correct a problem found in previous editions of Windows. The issue involves the way Windows Explorer displays filenames. In all editions of Windows after Windows 98, the default setting hides the filename extension (which identifies what type of file it is). This means that a Word file titled 'partyinvite.doc' will show up in Windows Explorer as simply 'partyinvite'. The only exception to this rule is if Windows does not recognize the file type. The reason for this setting is that it makes for a less cluttered look and avoids filling the screen with redundant detail. However, a flaw in the way it works leaves it liable to exploitation by hackers. They can take an executable file (which can do much more damage to a computer when opened) and disguise it by calling it 'partyinvite.doc.exe.'"

Re:Not new, not unique to Windows

[King_TJ]

Yep... and it's one reason I've always questioned if it was really a step BACKWARDS with OS X, vs. the classic MacOS method of doing things?

I know people got sick and tired of the whole "resource fork" issue, where a native Mac file would lose its extra info when copied over a network to a non-Mac system, or media formatted in a foreign file system (or perhaps archived with a not fully compliant archiving program). But it seems like that wasn't Apple's fault, so much as nobody else having an understanding (or caring) how their file format worked.

I thought it made a lot more sense than having 3 letter "extensions" designating filetype. Many situations come up where an extension is used by multiple different programs - so it's not certain what the file really goes to.

Re:How to rename files

[TheModelEskimo]

He was talking about good file managers.