Windows 7 still easy to exploit

By The Inquirer
10:10 May 8, 2009 | 18 Comments
Tags: windows | 7 | security | hax

Hackers can still pull the wool over users' eyes in Windows 7, according to security experts.

Microsoft may be hyping Windows 7 as the bees knees of OSes, but security boffins reckon the Redmond Giant still hasn't bothered to fix some rather obvious security holes.

According to Patrik Runald, a top research advisor at Finnish based F-Secure, the fact that Microsoft still allows Windows Explorer's file manager to hide the full extension of a file name makes it easy for hackers to exploit more naïve users.

For instance, a hacker who names his trojan 'attack.txt.exe' has a good chance of scamming less savvy users who will see the file as a text icon named 'attack.txt' in Windows Explorer. This will make them more likely to click on it, not realizing it is actually an executable file.

Runald said this "has been used for years by virus writers."

"People typically look at the icon to know what the file is," Runald told ComputerWorldUK. "If it looks like a Word doc or a PDF file, there's an implicit trust in it, and users are more likely to click on those files, even if they are actually an executable."

Behind the scenes with Mass Effect 3! GTX 560 VGA round-up! Essential Skyrim tweaks to improve your game! Plus reviews, news, hardware, more games, and easy to following modding guides for PC builders. ON SALE NOW!

Ads by Google

18 Comments

battlefield_gir May 8, 2009 10:34 AM	The proof of the pudding is in the eating.
orcone May 8, 2009 11:08 AM	What the hell does that even mean.
bushi May 8, 2009 11:16 AM	So... Pretty much the title of this article should really be, "People are still easy to exploit."? Anyone who is reading this article should not have a problem really.
orcone May 8, 2009 11:17 AM	Actually, if something has a word icon and ends in .txt I'd click it.
battlefield_gir May 8, 2009 12:26 PM	Orcone, it means to fully test something you have to try it for your self.
Rory K May 8, 2009 12:28 PM	If I saw a text document that I'd never seen before, I wouldn't click on it. Especially if it's the only file with an extension.
Martyr May 8, 2009 1:27 PM	i'll second that rory
hazarama May 8, 2009 2:01 PM	I think it's game over already if 'attack.txt.exe' is on your PC ;) Sounds like someone suffering a little media attention deficit.
N3M3SiS May 8, 2009 3:02 PM	Id probably try to print it out and have sex with it. Pudding proven.
.:Cyb3rGlitch:. May 8, 2009 4:53 PM	Why are Atomic posting this type of tripe? It has nothing to do with Windows 7 exploits, rather, stupid users.
strifus May 9, 2009 1:41 PM	I agree with CG. The fact remains that this article is tripe anyway you see it. It also supposes the fact that everyone in the world is stupid and doesnt know the simple rules attached to internet usage in the first place. I am not saying that one needs a licence to use a computer but it would be appropriate to help new users by giving them some very simple rules to follow. If they cant follow that, then there are various other software out there which can do the job for them albeit at a performance hit which shouldnt bother them that much.
antifunker May 10, 2009 8:21 PM	First he says that the hidden file extensions are the problem. Then he completely contradicts this by saying "People typically look at the icon to know what the file is". WTF?
MrPodgy May 11, 2009 4:46 AM	His is why atomic lost my interest years ago. Not enough Melbourne meets that I've seen and all exclusively NSW BASED.
bushi May 11, 2009 8:29 AM	antifunker, It's possible to change the Icon of an .EXE file to a notepad icon, or any other icon for that matter.
fliptopia May 11, 2009 8:36 PM	it does stop people renaming their files and deleting the extension though.
TeZ May 13, 2009 7:37 PM	Exactly
TeZ May 13, 2009 7:42 PM	Damn, did I have to read to the end, backspace that last comment
TeZ May 13, 2009 7:44 PM	Topic should have read, "Windows 7 still not safe for monkeys"

Comments have been disabled on this article.

Latest Competitions

Thermaltake kicks off your gaming year with a BANG
Thermaltake has started off the new year with a bang by giving away a Tt eSport Theron Laser mouse to not one or two, but TWENTY lucky Atomicans!

Atomic Magazine

Issue: 133 | February, 2012

Atomic is a magazine aimed squarely at computer enthusiasts, gamers, and serious PC upgraders.

Every month we bring you the latest reviews of new technology and PC components, in depth features on everything from overclocking to console hacking, and gaming previews and interviews.

What's in this issue?