Windows 7 still easy to exploit

Windows 7 still easy to exploit

Hackers can still pull the wool over users' eyes in Windows 7, according to security experts.

Microsoft may be hyping Windows 7 as the bees knees of OSes, but security boffins reckon the Redmond Giant still hasn't bothered to fix some rather obvious security holes.

According to Patrik Runald, a top research advisor at Finnish based F-Secure, the fact that Microsoft still allows Windows Explorer's file manager to hide the full extension of a file name makes it easy for hackers to exploit more naïve users.

For instance, a hacker who names his trojan 'attack.txt.exe' has a good chance of scamming less savvy users who will see the file as a text icon named 'attack.txt' in Windows Explorer. This will make them more likely to click on it, not realizing it is actually an executable file.

Runald said this "has been used for years by virus writers."

"People typically look at the icon to know what the file is," Runald told ComputerWorldUK. "If it looks like a Word doc or a PDF file, there's an implicit trust in it, and users are more likely to click on those files, even if they are actually an executable."

Source: theinquirer.net (c) 2010 Incisive Media

See more about:  windows  |  security  |  hax
 
 
Latest articles on BIT Latest Articles from BIT
Asustor AS3102T review: a fast, flexible 2-bay NAS
27 Apr 2017
Asustor's entry-level 2-bay network attached storage device could be equally useful in the ...
Mastercard credit card has a built-in fingerprint sensor
21 Apr 2017
The commerce giant trials a new card with a thumb-sized fingerprint reader.
Australian organisations targeted via zero-day Word bug
12 Apr 2017
Microsoft Word users should update the application to fix a zero-day bug that has been "used to ...
How to install an SSD and boost your PC's performance
12 Apr 2017
Your guide to installing a solid state drive and transferring files from the old disk – ...
Beware fake MYOB and eWay email scams
10 Apr 2017
Security provider MailGuard warns of two new malware-laden email scams doing the rounds.

Latest Comments

From our Partners

PC & Tech Authority Downloads