Windows 7 'still at risk from Explorer flaw'

Click to follow
The Independent Tech

Windows 7, the much-awaited replacement for Microsoft's ill-fated Vista operating system, still includes a legacy flaw that can put users at risk, says a security specialist.

Mikko Hypponen, research boss for computer security experts F-Secure says that an exploit from earlier Windows versions still exists in the release candidate for the next-generation Microsoft OS.

Hypponen wrote in his blog that the flaw, which existed in Windows NT, 2000, XP and Vista, allowed cyberbrooks to exploit a Windows Explorer issue to hide viruses and executable files from users.

The 'Hide extensions for known file types' feature, which could be used to disguise malware nasties, still exists in the new OS.

"Virus writers used this "feature" to make people mistake executables for stuff such as document files," he wrote.

"The trick was to rename VIRUS.EXE to VIRUS.TXT.EXE or VIRUS.JPG.EXE, and Windows would hide the .EXE part of the filename.

"Additionally, virus writers would change the icon inside the executable to look like the icon of a text file or an image, and everybody would be fooled."

Images on his blog, which was written when the near-final Windows 7 Release Candidate went public, show a 176k executable (.exe) file renamed 'horrible_malware_text'. Windows Explorer did not render the file as an exe, but as a plain text file.

The Release Candidate - which is in the final stages of testing and has not yet had a firm release date announced - is available for download from Microsoft's Windows 7 site.

This story originally appeared in the New Zealand Herald