Don't fall for Folstart

Discussion in 'malware problems & news' started by ronjor, Nov 13, 2012.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,722
    Location:
    Texas
    https://blogs.technet.com/b/mmpc/archive/2012/11/13/don-t-fall-for-folstart.aspx?Redirected=true
     
  2. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,764
    Location:
    Outer space
    Perhaps a reason for MS not to hide extensions by default?
     
  3. PJC

    PJC Very Frequent Poster

    Joined:
    Feb 17, 2010
    Posts:
    2,959
    Location:
    Internet
    You are damn right! :thumb:
    File-Extensions should Not be Hidden.
    More provisions should be taken by MS to ensure that
    File-Extensions cannot easily Modified, become Hidden etc. :isay:
     
  4. chrisretusn

    chrisretusn Registered Member

    Joined:
    Jun 16, 2004
    Posts:
    1,322
    Location:
    Philippines
    I've never understood the logic behind hiding extensions.
     
  5. PJC

    PJC Very Frequent Poster

    Joined:
    Feb 17, 2010
    Posts:
    2,959
    Location:
    Internet
    Exactly!
    Hiding Extensions does Not facilitate Security...;)
     
  6. nosirrah

    nosirrah Malware Fighter

    Joined:
    Aug 25, 2006
    Posts:
    561
    Location:
    Cummington MA USA
    I would be willing to bet that in the 7 years that I did IT before the MBAM project I un-hid and explained extensions at least 1000 times. People accepted the change and were happy to know that this removed an obvious way that they could be exploited.

    IMO MS underestimated the user when it comes to understanding extensions and even though hiding them has presented a constant security issue for more than 10 years now admitting that they are wrong is still too much to ask of them.

    Researching malware I cannot tell you how many thousands of samples I have seen like report.pdf.exe (with an acrobat icon), movie.mpg.exe (with a WMP icon) or music_folder.exe (with a folder icon). The bad guys are well aware how easy this is to exploit and MS simply does not care enough to stop them.
     
  7. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,722
    Location:
    Texas
    The delete command probably forced them to hide those files. :D
     
Thread Status:
Not open for further replies.