MICROSOFT CLAIMED a hacker trick that allows an executable file to be launched when a user types a Web address into Internet Explorer is a feature rather than any security vulnerability. But security boffins have warned that this particular 'trick' is unnecessary and expect it to be exploited by malware writers. ZD Net Australia quotes Michael Warrilow, of Hydrasight as saying that Volish "useful features" have been shown to result in security exposures that are ultimately exploited for malicious purposes. This will be no exception.
Another security expert James Turner of Frost and Allen said that he could imagine that malware writers could definitely exploit this feature particularly with a little social engineering.
View: The full story
News source: The Inq