Get our new Windows 7 eBook (PDF) for $7 with 70+ Tips. Download Now!

Internet Explorer File Download Extension Spoofing

Wednesday, January 28th, 2004
by Marc Erickson

No Related Post

Description:
http-equiv has identified a vulnerability in Internet Explorer, allowing malicious web sites to spoof the file extension of downloadable files.

The problem is that Internet Explorer can be tricked into opening a file, with a different application than indicated by the file extension. This can be done by embedding a CLSID in the file name. This could be exploited to trick users into opening “trusted” file types which are in fact malicious files.

Secunia has created an online test: http://secunia.com/Internet_Explorer_Fil…

This has been reported to affect Microsoft Internet Explorer 6.

NOTE: Prior versions may also be affected.

Solution:
Do not use “Open” file, always save files to a folder as this reveals the suspicious filename

Tags

Categories

Technology

What Do You Think?

Posted Recently

Shifting Blame Is Socially Contagious

Sustainable Food Production Isn’t So Sustainable

Developing ‘Green’ Tires That Boost Mileage And Cut Carbon Dioxide Emissions

Researchers Create ‘Fly Paper’ To Capture Circulating Cancer Cells

UCLA Study Shows Brain’s Ability To Reorganize

New Research Helps Explain Why Bird Flu Has Not Caused A Pandemic

Better Way To Harness Waste Heat

Five Exercises Can Reduce Neck, Shoulder Pain Of Women Office Workers

UT’s Kraken Named World’s Third Fastest Computer, ORNL’s Jaguar Is #1

Tiny Bubbles Clean Oil From Water

Warmer Means Windier On World’s Biggest Lake

Researchers Find Potential Treatment For Huntington’s Disease

Transcendental Meditation Helped Heart Disease Patients Lower Cardiac Disease Risks By 50%

Record Highs Far Outpace Record Lows Across US

Mystery Contemplated By Charles Darwin Solved

Study Offers Tips On Taming The Boogie Monster

Sponges Recycle Carbon To Give Life To Coral Reefs

Pushing Light Beyond Its Known Limits

Researchers Turn Algae Into High-Temperature Hydrogen Source

To Make Memories, New Neurons Must Erase Older Ones

Faulty Body Clock May Make Kids Bipolar

Energy-Saving Powder

Drug Industry, Nonprofits Join Forces To Fight World’s Neglected Diseases

Ice Cream Researchers Making Sweet Strides With ‘Functional Foods’

Remains Of Minoan-Style Painting Discovered During Excavations Of Canaanite Palace

Improvements Proposed For Electronic Voting By Internet

Rutgers Computer Scientists Work To Strengthen Online Security

Yoga Boosts Heart Health

Darwin Meets Facebook

Researchers Find New Way To Spot Fraud

1930s Drug Slows Tumor Growth

Past Climate Of Antarctica Informs Global Warming Debate

58% Of U.S. Doctors Report Patients Have Difficulty Paying

Atlanta’s Fernbank Museum Tracks Infamous Conquistador Through Southeast

Oral Contraceptives May Benefit Women With Asthma

New Evidence Supports 19th Century Idea On Formation Of Oil And Gas

Internet Search Process Affects Cognition, Emotion

Quantum Gas Microscope Offers Glimpse Of Quirky Ultracold Atoms

‘The Eyes Have It’ For ID Verification

Research Leads To Improved Human, Object Detection Technology

35 queries / 0.532 seconds.