Windows 7 continues Windows Explorer security risk

Now Windows 7 RC is ready for use, but Microsoft's new operating system still needs to be patched to improve its security.

Mikko H. Hypponen, F.Secure's chief research officer, pointed out that Windows 7 has retained a feature in the operating system's file management program, Windows Explorer, since the Windows NT system could allow attackers to scam Windows users.

Specifically, Windows Explorer provides a way to hide file extensions, which virus writers can use to disguise executables as non-virtual files, such as text files.

By changing the icon of a malicious executable, malware writers can easily trick users into running malware by using social engineering techniques.

This situation may not have caught the attention of Microsoft, Microsoft is not in a hurry to launch its End-to-End Trust (end-to-end trust) feature to improve the security of the computer. At the RSA conference in 2008, Microsoft Chief Research and Strategy Officer Graig Mundie said that it is important that we give users the tools to make them trustworthy choices to ensure security.

It is equally important to know the exact information about the essential properties of files on your computer.

At the same time, Microsoft has also enhanced the functionality of Windows 7 against another attack vector (automatically executing files on removable media). Last month, Microsoft said that they changed Windows AutoPlay so that they would no longer automatically run applications on external devices, which would help prevent the spread of malware, such as the conficker worm that spreads over USB.