On TV.com: New TV sex symbol: Vintage black PORSCHE
BNET Business Network:
BNET
TechRepublic
ZDNet
TalkBack 2 of 38:
Next »
« Previous
What a load...
To test the so-called trick yourself, try the following:

? Right click on the Desktop and create a new Shortcut

? Point the shortcut to an executable--such as c:\windows\system32\calc.exe

? Call the shortcut www.microsoft.com

? Start Internet Explorer and type "www.microsoft.com" into the address bar

Gee, is that all malware needs to do to take advantage of this "flaw"? If you can "socially engineer" someone to do all the above steps only to have it run programs that are already on the computer, wouldn't the thousands of existing social engineering tricks be far, far easier?

I can just see the next article:
Windows has a major flaw because if you:
1. Open your window.
2. Pick up the computer.
3. Throw the computer out the open window.
4. Your computer crashes.

Luckily, Linux and OSX are immune to this attack vector because... umm... they just are.
Posted by: NonZealot   Posted on: 07/05/06 You are currently: a Guest | Members login | Terms of Use
Reply to Story Reply to Message

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

Um, yeah  ejhonda | 07/05/06
What a load...  NonZealot | 07/05/06
Is that all?  Yagotta B. Kidding | 07/05/06
That's always been possible  NonZealot | 07/05/06
Your Average User  phburks | 07/05/06
Read the article again.  3D0G | 07/06/06
Legitimate? maybe ... Dangerous ... you bet  A.Typical Zork | 07/05/06
I'll say it slowly  TonyMcS | 07/05/06
And, who says the user will create the shortcut?? This is just another tool  DonnieBoy | 07/06/06
Let's do a quick poll. Who has ever used this?  DonnieBoy | 07/06/06
Wrong  Dr.C | 07/06/06
This will be HUGE for hackers!  Reverend MacFellow | 07/05/06
Nothing new  ConstableBrew | 07/05/06
Do what the user expects  dragosani | 07/05/06
Agreed.  A_Pickle | 07/05/06
No Offense  Clocked | 07/05/06
Microsoft should implement "address bar checks" in IE 6.  Grayson Peddie | 07/05/06
No, they shuld throw out the hook altogether  CobraA1 | 07/05/06
How many times have we all heard this...  Anti_Zealot | 07/05/06
Here we go again  Clocked | 07/05/06
www.google.com www.amazon.com  mighetto | 07/05/06
Read the story next time  TonyMcS | 07/05/06
tips and tricks and more tips...  Arm A. Geddon | 07/05/06
read it again  not of this world | 07/05/06
This is a feature... WHY???  Mr. Roboto | 07/05/06
Executable file danger  TonyMcS | 07/05/06
I clicked IE and it turned on my coffee-maker!  An_Axe_to_Grind | 07/05/06
No surprises!  lovvvvie | 07/06/06
I'm sure the NK's are heavy into Microsoft!  Reverend MacFellow | 07/06/06
Danger Will Robinson !  jpr75_z | 07/06/06
Microsoft: Shortcut 'trick' is legitimate feature  Loverock Davidson | 07/06/06
Isn't security vulnerabilities....  Jay E Court | 07/06/06
Never used it  Dr_Zinj | 07/06/06
Very silly feature  webDevx | 07/06/06
I use this on our intranet.....  Dr.C | 07/06/06
user's expectations  raunchy | 07/07/06
*sigh*  kornesque | 07/07/06
much like the tendency of IE to display a file folder instead of a search  wessonjoe | 07/07/06

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement
advertisement