Windows 7 Users Warned Over Filename Security Risk

nandemoari writes "Would-be Windows 7 users have been warned to change a default setting which could leave them vulnerable to attack via bogus files. As a result, Microsoft is taking flak for failing to correct a problem found in previous editions of Windows. The issue involves the way Windows Explorer displays filenames. In all editions of Windows after Windows 98, the default setting hides the filename extension (which identifies what type of file it is). This means that a Word file titled 'partyinvite.doc' will show up in Windows Explorer as simply 'partyinvite'. The only exception to this rule is if Windows does not recognize the file type. The reason for this setting is that it makes for a less cluttered look and avoids filling the screen with redundant detail. However, a flaw in the way it works leaves it liable to exploitation by hackers. They can take an executable file (which can do much more damage to a computer when opened) and disguise it by calling it 'partyinvite.doc.exe.'"

How can this be?

[Burkin]

How can this possibly be? I thought this was the most secure OS on the planet.

umask 224

[ArsonSmith]

it shouldn't be made executable by the default umask though, so when you go to click on it it'll just try to associate an application with the .exe extension.

Bah

[MyLongNickName]

This is a non-issue. With all of the vulnerabilities in applications that think they are a programming interface (like Acrobat), EXE's might actually be safer to open.

Re:How can this be?

[David Gerard]

Bah. Vista is far superior [facebook.com]. Windows 7 is for Mac-wannabes who want to "do" things with their computer, not just admire its AWESOME MIGHT as your CPU fan starts lifting your house into the air.

Re:I never did like that feature

[TheBig1]

I don't what else ... makes no sense at all.

Ahh.... Irony at its best... ;-)

Re:How can this be? sufixication

[mrbene]

Why are suffixes so enduring? How can this be?

Because they always end up being the default. Because they have the final say / last word. Because they are enduring.

OK, prolly could come up with more, but I don't think it's really worth it.

Re:How can this be?

[Qzukk]

How can this be?

It is the Kwisatz Haderach?

semi ot: handy shortcut

[NotQuiteReal]

why do they keep burying the windows explorer

You can always hit "Windows Key + E" to get Windows Explorer. Ironically, for reasons that are simply a quirk in my brain, I mentally say "Apple+E" every time I hit those keys...

Re:How can this be?

[commodore64_love]

VISTA is a monument to everything that makes us the country we are!

Fat, slow, and obsessed with superficialities like pretty shiny colors?

LOL Redundant info

[Datamonstar]

How is knowing what kind of file is going into your computer redundant?

What kind of gas is that you're putting in your car? 92? 87? LEADED? It's redundant!

What kind of batteries are you putting into that device? 9 volt? AA? It's redundant!

There's no way a user would actually want to know want they're clicking on, right Microsoft?