Microsoft may be hyping Windows 7 as the bees knees of OSes, but security boffins reckon the Redmond Giant still hasn't bothered to fix some rather obvious security holes.
According to Patrik Runald, a top research advisor at Finnish based F-Secure, the fact that Microsoft still allows Windows Explorer's file manager to hide the full extension of a file name makes it easy for hackers to exploit more naïve users.
For instance, a hacker who names his trojan 'attack.txt.exe' has a good chance of scamming less savvy users who will see the file as a text icon named 'attack.txt' in Windows Explorer. This will make them more likely to click on it, not realizing it is actually an executable file.
Runald said this "has been used for years by virus writers."
"People typically look at the icon to know what the file is," Runald told ComputerWorldUK. "If it looks like a Word doc or a PDF file, there's an implicit trust in it, and users are more likely to click on those files, even if they are actually an executable."