Jump to content
Sign in to follow this  

Microsoft: Shortcut 'trick' is legitimate feature

Recommended Posts

What do you all think about this? I don't like it.

"A Windows shortcut "trick," which could allow an executable file to be launched when a user types a Web address into Internet Explorer, is not a security vulnerability, Microsoft said.

Using Windows XP and Internet Explorer, a user could type in a Web address--such as www.microsoft.com--into a browser, and instead of launching the Web site the browser would run an executable file located on the user's computer.

To test the so-called trick, try the following:

• Right click on the Desktop and create a new Shortcut

• Point the shortcut to an executable--such as c:\windows\system32\calc.exe

• Call the shortcut www.microsoft.com

• Start Internet Explorer and type "www.microsoft.com" into the address bar

If the shortcut is then deleted--or the characters "http://" are added before the "www" in the browser address bar--then IE will once again connect to the Internet as expected. "

ZD Net

Share this post

Link to post
Share on other sites

yea i heard about that on digg. its pretty interesting with the things you can do with that. it gets a little deeper than you described. for like office pranks, you could save abc.com's main page to a co workers computer, edit the newstitles and stuff to be humorous, then hide it on their computer with the name of www.abc.com. so whenever he/she types it in next, it would show up with your edited page


Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this