Windows 7 Retains Windows Explorer Security Risk

Wednesday, May 6, 2009
Mikko H. Hypponeen, chief research officer at F-Secure, points out that Windows 7 retains a characteristic in Windows Explorer, the operating system's file management application, that has allowed attackers to deceive Windows users since the Windows NT era.

Specifically, Windows Explorer provides a way to hide a file's extension. Virus writers use this feature to disguise executable files as something more innocuous, such as text files, Hypponeen explains in a blog post.

By also changing the appearance of a malicious executable's icon, malware authors have a much easier time convincing users to run malicious software using social engineering techniques.
Such an oversight might be less noteworthy were Microsoft not pushing its End-to-End Trust vision to enhance computer security. Last year at the 2008 RSA Conference, Microsoft chief research and strategy officer Craig Mundiee said that it was "important that we give people the tools to empower them to make good trust choices."

Having accurate information about the nature of the files on one's computer could be said to be equally important.

At the same time, Microsoft deserves some credit for hardening Windows 7 against another attack vector, the automatic execution of files stored on removable media. Last month, Microsoft said that it had changed Windows AutoPlay so that it would no longer automatically run applications on external devices other than CD/DVD players. This will help prevent the propagation of malware like the Conficker worm through USB thumb drives.

See Also
microsoft computer support
windows firewall security
Online Computer Support
Windows Live One Care Help You
Top five steps to stay secure on Internet

0 comments:

Post a Comment