This week I learned about a "trick" that you can do in Windows which, as far as I am concerned, is a serious security risk.
In an article, Infoworld's Roger Grimes describes a "feature" in Windows that allowed me to run an executable file by simply typing a Web address into Internet Explorer.
Test it yourself:
- Right-click on the Desktop and create a new Shortcut
- Point the shortcut to an executable -- such as c:\windows\system32\calc.exe
- Name the shortcut www.microsoft.com
- Start Internet Explorer and type "www.microsoft.com" into the address bar: the shortcut's executable runs instead of the web site loading
For the past few years, banks have been advising their customers to type their online banking URL into the browser -- instead of clicking on a link that may be a phishing scam.
If a piece of malware created this kind of shortcut, named it after your online bank's address and pointed it at a malicious file, then the next time someone on that computer followed the bank's advice and typed the address into the browser, they would execute the malicious file instead of reaching the bank.
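The following PowerShell is an added example, not code from the original post or from Microsoft: it reproduces the four-step test above (a Desktop shortcut named www.microsoft.com that points at calc.exe), then audits the per-user and all-users Desktop folders for shortcuts whose file names look like web addresses, which is the check a defender would want against the scenario just described. The hostname heuristic, the folders searched and the function names are my assumptions.

```powershell
# Added example (not from the original post): reproduce the Desktop-shortcut
# trick described above, then audit Desktop folders for shortcuts whose file
# names look like web addresses. The hostname regex, the folders searched and
# the function names are my assumptions, not something the post specifies.

$shell = New-Object -ComObject WScript.Shell

function New-HostnameShortcut {
    # Steps 1-3 of the post: a Desktop shortcut named like a web address that
    # points at an executable (calc.exe, as in the post).
    param(
        [string]$Name   = 'www.microsoft.com',
        [string]$Target = "$env:windir\System32\calc.exe"
    )
    $path = Join-Path ([Environment]::GetFolderPath('Desktop')) "$Name.lnk"
    $lnk  = $shell.CreateShortcut($path)
    $lnk.TargetPath = $Target
    $lnk.Save()
    return $path
}

function Get-SuspiciousDesktopShortcuts {
    # Flag .lnk files in the per-user and all-users Desktop folders whose base
    # name looks like a hostname (two or more dot-separated labels). The
    # Authenticode status of the target is reported as a hint only; catalog-
    # signed system binaries may not report 'Valid' on every Windows version.
    $folders = @(
        [Environment]::GetFolderPath('Desktop'),
        [Environment]::GetFolderPath('CommonDesktopDirectory')
    ) | Where-Object { $_ -and (Test-Path $_) }

    # Assumed heuristic: labels of letters, digits and hyphens joined by dots.
    $hostLike = '^[a-z0-9-]+(\.[a-z0-9-]+)+$'

    foreach ($folder in $folders) {
        $files = Get-ChildItem -Path $folder -Filter '*.lnk' -File -ErrorAction SilentlyContinue
        foreach ($file in $files) {
            # BaseName strips only the .lnk extension, so it keeps the dots.
            if ($file.BaseName -notmatch $hostLike) { continue }
            $lnk = $shell.CreateShortcut($file.FullName)
            $sig = if (Test-Path $lnk.TargetPath) {
                (Get-AuthenticodeSignature -FilePath $lnk.TargetPath).Status
            } else { 'TargetMissing' }
            [PSCustomObject]@{
                Shortcut  = $file.FullName
                LooksLike = $file.BaseName
                Target    = $lnk.TargetPath
                Arguments = $lnk.Arguments
                SigStatus = $sig
            }
        }
    }
}

# Usage: create the test shortcut from the post, list what the audit finds,
# then remove the test shortcut again.
$created = New-HostnameShortcut
Get-SuspiciousDesktopShortcuts | Format-Table -AutoSize
Remove-Item -Path $created -ErrorAction SilentlyContinue
```

Run the audit without the first two usage lines to check a real machine; any hit whose Target is an executable rather than the bank's site is exactly the shortcut the post warns about.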
Surely there must be a reason for this functionality.
I happened to be speaking with Austin Wilson, director of product management for Windows Vista Security, on Thursday about rootkits and other security issues, so I asked him about the "trick".
His reply: "That is something I need to follow up with our security response centre and find out if this is something that is known and is there a reason for it because I don't know off the top of my head if that is expected functionality or not".
It is almost the end of play on Friday and no reply, so I assume Austin is still waiting for the security response people in Redmond to get back to him.
Can you think of a legitimate use for this feature? I can't.
Unfortunately I am unlikely to be able to update you on this until I get back from my vacation -- over the next three weeks my plan is to live on German time in Queensland and not miss a kick.