krit86lr Posted July 6, 2006 Share Posted July 6, 2006 What do you all think about this? I don't like it. "A Windows shortcut "trick," which could allow an executable file to be launched when a user types a Web address into Internet Explorer, is not a security vulnerability, Microsoft said. Using Windows XP and Internet Explorer, a user could type in a Web address--such as www.microsoft.com--into a browser, and instead of launching the Web site the browser would run an executable file located on the user's computer. To test the so-called trick, try the following: • Right click on the Desktop and create a new Shortcut • Point the shortcut to an executable--such as c:\windows\system32\calc.exe • Call the shortcut www.microsoft.com • Start Internet Explorer and type "www.microsoft.com" into the address bar If the shortcut is then deleted--or the characters "http://" are added before the "www" in the browser address bar--then IE will once again connect to the Internet as expected. " ZD Net Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.