Windows 7 Rc's Flaw Puts Users At Risk


Recommended Posts

Windows 7 RC's Flaw Puts Users at Risk

Gregg Keizer, Computerworld

Windows 7 Release Candidate (RC) continues a long-running Microsoft practice that puts users at risk, a security researcher said Wednesday.

The new operating system's Windows Explorer file manager still misleads users about the true extension of a file, said Patrik Runald, chief research advisor at Helsinki-based F-Secure Corp. Rather than reveal the full extension for a filename, Windows Explorer hides the extension for known file types, giving hackers a way to disguise malware by using those file types' extensions and icons.

Windows Explorer, for example, will show the .txt icon and display "attack.txt" as the filename for a Trojan horse that's actually been named "attack.txt.exe" by the hacker. The practice goes back to at least Windows NT, and has been criticized in the still-popular Windows XP and the newer Windows Vista."

More info. at PC Mag - http://www.pcworld.com/topics/security.html

>>>>>>>>>>>>>>>>>

Leaked Copies of Windows 7 RC Contain Trojan

Gregg Keizer, Computerworld

"Pirated copies of Windows 7 Release Candidate (RC) on file-sharing sites contain malware, according to users who have downloaded the upgrade.

Windows 7 RC, which Microsoft Corp. will officially launch this week, leaked two weeks ago, with copies first appearing on BitTorrent tracking sites on April 24.

Some of the pirated builds include a Trojan horse, numerous users said in message forums and in comments on BitTorrent sites such as Mininova.org.

"Just a warning for anyone downloading the new RC builds of windows 7. Quiet [sic] a lot of the downloads have a trojan inbedded [sic] in the setup EXE," said someone identified as Frank Fontaine on a Neowin.net discussion thread. "The Setup EXE is actually a container, it appears to be a self-extracting EXE. There are 2 files inside, Setup.exe and codec.exe."

Fontaine's antivirus software identified the "codec.exe" file as a generic Trojan.

"Suspicious codec.exe!" reported someone labeled as "UltimateGTR" on Mininova, commenting on one of the 32-bit builds."

More detail at PCWorld - http://www.pcworld.com/article/164348/leak...ain_trojan.html

>>>>>>>>>>>>>>>>>>>>>

Link to post
Share on other sites
  • 8 years later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...