Can't say that I'm not impressed, the flaw is such that explorer.exe doesn't check for the zoneID, so anybody can write a virus with an extension of say, .gif, and have cmd
command execute it. Hence:
cmd /c evil.exe
can be wrapped as:
cmd /c evil.gif
so a virus writer can write a virus, tag it as, say,seebritneynakednow.jpg
when it's actually an executable, some unwitting person downloads it, and opens it and a virus attacks their system.
What irks me is that isn't SP2 supposed to protect you from this? I mean, months of writing and the same old parlor trick is still exposed?
Part of the description is a bogus issue (if I read it right). Any OS is vulnerable if the user is willing to run a program from the command line.
Also, I want to try this - because last time I did - it didn't work. I got a warning. Of course all I did was rename a .exe to another extention - and it was months ago. Are you saying its more complicated than that?
Did SP2 actually introduce this or simply fail to fix it?
I will read it a bit closer later.
Bottom line - don't open unknown attachments - I have been able to direct myself to a site (of choice) with a .eml attachment - so I don't even trust those.