We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

IE hole disguises dodgy progam as media file

Malicious activity via the back door

Users of Microsoft Internet Explorer could be tricked into downloading and running a malicious program which is disguised as an innocent file, a Finnish security company has warned.

The filename as it appears in the IE file download dialog box can be faked by using certain URLs and HTTP headers on a web page, making the user think he is opening a media file when in fact he is installing a "backdoor" program on his PC, according to Oy Online Solutions.

A backdoor program can be used by hackers to enter a user's PC.

IE won't show the warnings it typically displays when a program file is downloaded or opened, because the EXE file extension may have been hidden or replaced with another such as TXT or HTM.

The file is run without any warnings because IE, just as the user, thinks it is a harmless file.

Microsoft has issued a patch for IE 5.0, 5.5 and 6.0, which should be available next week.


IDG UK Sites

12 cheapest smartphones of 2015: The lowest-cost smartphones you can buy in the UK. Best budget...

IDG UK Sites

Samsung: King of the Androids (or MWC, at least)

IDG UK Sites

Inside Microsoft's universal platform for designing apps that work on PCs, tablets, phones, Xbox...

IDG UK Sites

Create a FrankenMac! Upgrade your old Mac, give your Mac a power boost