Windows 7 Retains Windows Explorer Security Risk - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Software // Operating Systems
News
5/5/2009
05:26 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Windows 7 Retains Windows Explorer Security Risk

A feature in Windows Explorer, the operating system's file management application, enables virus writers to disguise executable files, security researcher says.




Windows 7 screen shot
(click for larger image and for full photo gallery)

Windows 7 RC is now available, but Microsoft's new operating system could use a bit more tinkering to improve security.

Mikko H. Hypponen, chief research officer at F-Secure, points out that Windows 7 retains a feature in Windows Explorer, the operating system's file management application, that has allowed attackers to deceive Windows users since the Windows NT era.

Specifically, Windows Explorer provides a way to hide a file's extension. Virus writers use this feature to disguise executable files as something more innocuous, such as text files, Hypponen explains in a blog post.

By also changing the appearance of a malicious executable's icon, malware authors have a much easier time convincing users to run malicious software using social engineering techniques.

Such an oversight might be less noteworthy were Microsoft not pushing its End-to-End Trust vision to enhance computer security. Last year at the 2008 RSA Conference, Microsoft chief research and strategy officer Craig Mundie said that it was "important that we give people the tools to empower them to make good trust choices."

Having accurate information about the nature of the files on one's computer could be said to be equally important.

At the same time, Microsoft deserves some credit for hardening Windows 7 against another attack vector, the automatic execution of files stored on removable media. Last month, Microsoft said that it had changed Windows AutoPlay so that it would no longer automatically run applications on external devices other than CD/DVD players. This will help prevent the propagation of malware like the Conficker worm through USB thumb drives.


InformationWeek Analytics has published an independent analysis on the current state of security. Download the report here (registration required).

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Commentary
Enterprise Guide to Edge Computing
Cathleen Gagne, Managing Editor, InformationWeek,  10/15/2019
News
Rethinking IT: Tech Investments that Drive Business Growth
Jessica Davis, Senior Editor, Enterprise Apps,  10/3/2019
Slideshows
IT Careers: 12 Job Skills in Demand for 2020
Cynthia Harvey, Freelance Journalist, InformationWeek,  10/1/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Getting Started With Emerging Technologies
Looking to help your enterprise IT team ease the stress of putting new/emerging technologies such as AI, machine learning and IoT to work for their organizations? There are a few ways to get off on the right foot. In this report we share some expert advice on how to approach some of these seemingly daunting tech challenges.
Slideshows
Flash Poll