• Total Posts: 28021
  • Total Topics: 8050
  • Online Today: 855
  • Online Ever: 51419
  • (01. January 2010., 09:27:49)

Author Topic: Windows 7 still at risk from Explorer flaw: horrible_malware_text, VIRUS.JPG.EXE  (Read 2334 times)

0 Members and 1 Guest are viewing this topic.


  • SCF Administrator
  • *****
  • Posts: 7151
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • - Samker's Computer Forum

Windows 7, the much-awaited replacement for Microsoft's ill-fated Vista operating system, still includes a legacy flaw that can put users at risk, says a security specialist.

Mikko Hypponen, research boss for computer security experts F-Secure says that an exploit from earlier Windows versions still exists in the release candidate for the next-generation Microsoft OS.

Hypponen wrote in his blog that the flaw, which existed in Windows NT, 2000, XP and Vista, allowed cyberbrooks to exploit a Windows Explorer issue to hide viruses and executable files from users.

The 'Hide extensions for known file types' feature, which could be used to disguise malware nasties, still exists in the new OS.

"Virus writers used this "feature" to make people mistake executables for stuff such as document files," he wrote.

"The trick was to rename VIRUS.EXE to VIRUS.TXT.EXE or VIRUS.JPG.EXE, and Windows would hide the .EXE part of the filename.

"Additionally, virus writers would change the icon inside the executable to look like the icon of a text file or an image, and everybody would be fooled."

Images on his blog, which was written when the near-final Windows 7 Release Candidate went public, show a 176k executable (.exe) file renamed 'horrible_malware_text'. Windows Explorer did not render the file as an exe, but as a plain text file.

The Release Candidate - which is in the final stages of testing and has not yet had a firm release date announced - is available for download from Microsoft's Windows 7 site.


Samker's Computer Forum -

Zhang Fei

  • SCF Member
  • **
  • Posts: 12
  • KARMA: 2
That is seriously lame. You'd think after this many Windows iterations, they'd have figured out that less information about the stuff on your computer is not the way to go. For some weird reason, Mac users haven't really been subjected to anywhere near this number of virus infestations. I don't really understand why, given that so many Mac users lack anti-virus software, whereas PC users are all loaded up with it.


With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters)

Enter your email address to receive daily email with ' - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising