Text file virus - Potential concerns or another paranoia?

Neowin member jorgeivan2k3 has posted about an Australian programmer, Geoff Vass, who believes that text files are no longer harmless.

"So I had an email conversation with the fellas at secure@microsoft.com and they felt it was not a problem and would not be changing the behaviour," said Mr. Vass.

Geoff Vass has recently claimed to have discovered a flaw in CMD - Microsoft's command line interface - that could fool users into running a virus. Mr. Vass explained that because CMD looks at the header of a file and then executes it, it's possible to rename the extension of a potentially harmful application to something else. For example – say a virus.exe to innocent.txt – CMD would happily execute it. This is, of course, quite concerning. Mr. Vass believes that Microsoft should fix the problem quickly; but can one really blame them?

The answer to that question lies on the true functionality of CMD. When was the last time that you "executed" a text file? Note "execute" and not viewing with a text editor, as this is where the problem lies. If CMD is supposed to execute files and applications, one perhaps shouldn't be surprised that it does this. However, as Mr Vass notes, the CMD action "behaves totally counter-intuitively, considering that every other part of the operating system looks at the file extension and not the contents".

"NAV 2003 caught it," said Neowin member from the forum. As Microsoft PR often concludes, only run trusted code; asides from conveniently letting them off the hook on issues like this, it's pretty sound advice. It's your choice whether or not you would push the big red "Let's Blame Microsoft" button, this time.

View: Microsoft Knowledge Base Article 811528

News source: In-House | Discussion

Report a problem with article
Previous Story

Neowin Interview : Ben Goodger, chief developer of Firefox

Next Story

New Pokemon titles top a million sales in North America

0 Comments

Commenting is disabled on this article.

There are no comments