Quantcast
PC World: Technology Advice You Can Trust
Search
Browse by Topic
Subscribe to magazine

Magazine

Subscribe & Get
a Bonus CD

Customer Service

Find a Review
Dads & Grads Gift Guide Audio & Video Business Center Cameras Cell Phones & PDAs Communications Components & Upgrading Desktop PCs DVD & Hard Drives Gaming Hardware & Software HDTV Laptops Macs & iPods Monitors Printers Spyware & Security The PCW Test Center Windows Vista & XP
Resource Centers
Asus Notebook Center
CDW Solution Center
HP Ink Center
Intel Technology Center
Lenovo Laptop Showcase
White Paper Library
Webcast Library
Most Popular Search Terms
Most Popular Products
Most Popular Downloads
Free Newsletters
Receive the latest reviews, how-to's, news, and more.
Product Tips & Reviews
Daily Downloads
Windows Vista
Go
WiFi Finder
Locate wireless services by a specific address, city, state, country, airport, or zip code.
RSS Feeds
Get our latest content via convenient RSS feeds.
Latest News
Today @ PC World
Become a PCW Member
Join the community and start enjoying the benefits:
  • Get tech advice from thousands of PC World Members
  • Rate and recommend the latest tech products
  • Share your thoughts in blog and article comments
  • Get free excerpts and exclusive discounts on Super Guides
Signing up is free and easy.
Read More About: Software BugsCurrent Events

Bug Hunter Claims Windows Flaw Can Hide Hazards

Can hackers trick Explorer into misrepresenting file types, disguising viruses?

Joris Evers, IDG News Service

Tuesday, April 17, 2001 4:00 PM PDT
Recommend this story?
Yes
No

Microsoft's Windows Explorer and Web browser Internet Explorer can be tricked into masking dangerous files as innocent ones, a security specialist says.

Hackers can exploit the flaw so unknowing PC users may run arbitrary programs, potentially ruining their systems, according to Bulgarian bug hunter Georgi Guninski, a well-known Microsoft gadfly.

By adding a certain CLSID (Class Identifier) to a file name, Windows Explorer and IE will show any file extension designated by the file's creator, instead of showing an extension that accurately reflects what kind of file it is, Guninski says. CLSIDs consist of a string of numbers between curly brackets.

A file may appear to be an innocent ".txt" (text) file, but could in fact be an "HTA" (HTML Application) file, which can run programs on a PC. The damage occurs when someone double-clicks the file to open it. The malicious file could also be portrayed as any other file type, such as various graphics formats.

Disguising a Virus

The flaw could also disguise Visual Basic Script files that contain viruses. Many recent viruses, including the far-reaching Love Letter, are VBS (Visual Basic) files. Warnings about the virus caution users to not open files with the .VBS extension--but by using a CLSID, a virus-spreader could disguise a VBS file as an apparently harmless .txt file.

Guninski said he informed Microsoft of his finding on April 11. Microsoft did not return repeated calls requesting comment.

The bug hunter rates the problem as "high risk" and suggests Windows users not double-click on files in Windows Explorer or IE.

However, there's a way to identify such a masked file, a quick test shows. Windows Explorer and IE won't associate the appropriate program icon with the file. The .txt file made by Guninski for test purposes did not carry the icon for the Windows Notepad program. Also, the file's properties--displayed by right-clicking on the file name and selecting Properties from the menu--will reveal the actual file type.


Recommend this story?
Yes
No
Related Searches: bugflawmicrosoftexplorerie
Related Content
Latest News
Cops, Courts Turn to GPS
Electronic monitoring is getting more sophisticated in crime-fighting and tracking criminals. 17-May-2008
Dell Promises Greener PCs -- Soon
Dell desktops and laptops will use 25% less energy by 2010, the vendor says. 17-May-2008
Fewer are Paying for Music Downloads, Study Shows
File-sharing sites are still doing brisk business, but few users see reason to go legit. 17-May-2008
Open XML Converter for Mac Due Soon
Microsoft says its software conversion tools to enable Macs to read Open XML files will ship in June. 17-May-2008
XO Laptop to Run Windows
The One Laptop Per Child effort cuts a deal with Microsoft to run its OS. 17-May-2008
Developers Prefer XP Over Vista, Survey Shows
Besides avoiding Vista, developers are still writing for the older version of Microsoft Office. 17-May-2008
20% of U.S. Has Never Sent E-mail
A survey finds that almost a third of households get along fine without Internet access. 17-May-2008
Cell Phone More Vital than Wallet, Poll Finds
Nortel surveys gadget-users in search of "hyperconnected" workers. 17-May-2008
GTAIV Sales Set Guinness Record
The Guinness Book of Records confirms Grand Theft Auto IV takes the crown for debut entertainment sales. 17-May-2008
Srizbi Becomes World's Largest Botnet
The malware continues to grow, hitting the dubious distinction of biggest spammer. 17-May-2008

PC World's Marketplace

PC World's Free Whitepapers

Name City
Address 1 State Zip
Address 2 E-mail (optional)