Win7 can still be exploited by hackers

Yet another reason why I hate it how Windows defaults to hiding file extensions, or hides them at all. Why did Microsoft replicate that practice from Apple, without realizing that Mac OS doesn't rely on file extensions like Windows does? At least flag the filename explicitly as executable.

The reason they hid the extensions was to make it harder and more frustrating for first-time users.

Sometimes you can have more than one file with the same name (ie, when the (hidden) extensions are different). And sometimes you cant! How *incredibly* frustrating when you dont know the reason, to be told "file already exists" when youre trying to save something!

Micro$haft have a whole department just to come up with ideas like this, you know.

thats stoooopid. most antivirus will catch that. secondly most folks will show full extension via explorer settings anyways. is this even worthy of posting. F-secure should just call themselves F'd-security for this one

This Just in, Users still stupid no matter what operating system they are placed upon.

... is that the average user is not concerned by the security enough. They either look at a PC as a tool to do their work with at the office or as an entertainment machine, at home (not always so distinct, mind you). When a problem arises there is always the IT guy, from which they expect miracles. The more responsible ones rely on the antivirus program (quite often in a pirated version, just like the whole OS, for that matter), not taking into account that there are so many other ways to get your machine affected that an regular antivirus cannot protect you from, the most obvious one being the very trust the user has in his own... PC skills.

This exploit requires you to be a quadruple dumb ass to work: You have to download the dodgy file in the first place. Then you have to not notice the full file name as it downloads, Then you have to have no antivirus software installed or have it disabled. You have to file extensions still hidden, yet at the same time know enough to disable UAC so that there are no prompts asking you if you wish to trust the exe you just double clicked on.

It's like saying a car manufacture is at fault if you were killed in one of their cars, because they didn't label the brake pedal. But you didn't wear your seat belt, you had ripped out the air bag and then drove at 120mph the wrong way down a one way street.

One word "AVG", It's free, and it works on Windows 7, and it will detected a trojan or other virus even if it's stored in a compressed file, before a download is even saved to your HDD where you can see it, to click on it.

AnD yes I too wish Microsoft didn't hide common file extensions by default.

..."People typically look at the icon to know what the file is," Runald told ComputerWorldUK. "If it looks like a Word doc or a PDF file, there's an implicit trust in it, and users are more likely to click on those files, even if they are actually an executable."

Unfortunately he fails to take note of the fact the Windows displays an icon based on the extension. To take his example, the file somefile.txt.exe would be recognised as an EXE not a TXT file by the OS, and the icon displayed would therefore not be that of a text file.

it prevents keegs (opposite of geeks) from renaming untitled.txt to myname (without extension) and then complaining how MS makes crap software because they can't open the file. Yes, there's a warning, but if they don't understand what an extension is, they can't understand that warning either.

a has it right!
Users are stupid no matter what OS they use. However, taz-nz is also right. The first thing I do when logging into a new Windows box is unhide extension and hidden files and system files, etc. It would be nice NOT to have to do that. Yes, I apply this to all folders as well. I guess what is needed is a "drivers license" to buy a computer. Dell, Intel, et al would hate that, but it could well reduce bot nets and virus (computer virus) outbreaks.

Think before you post...

An EXE can be embedded with any icon the author bloody well pleases, which will be shown by Windows.

These are the same users that will click "yes" when a pop-up says that they need spyware protection and do they wish to download.

Besides, even with UAC turned completely off, it's going to promot to see if you want to run an application. Variable UAC will prompt at least twice.

There's not much you can do for those who are destined to be stupid.

I bet they still allow an executable binary file with an extension like .pif or .lnk to run freely.

Run an exe in windows xp/vista/7.
You get a SECURITY WARNING.

How much bubble wrap do the insecurity experts want? They're starting to sound like the people who won't shut up about the millions of horrible things that could happen to your children if you don't freeze them in carbonite.

I see the microsoft paid for posters are here. Of course win7 can be hacked! It's windows isn't it? As I said before ONLY THE WINDOWS OPERATING SYSTEM (ANY VERSION) IS A WORM, TROJAN AND VIRUS MAGNET. Therefore microsoft should take extra ordinary steps to fix their junky OS. Not make excuses like some of their poster have here. When microsoft runs out of money paying off congress and the news media maybe we can get it outlawed for existing. It has caused more drain on the world economy in the form of lost productivity, crime and materials waste on new equipment than any other thing in existance. It is NOT green in any since.

Brian, you're absolutely correct. It's called UAC. This article is non-worthy.

eyeread, you're a joke. Nobody on here is paid by Microsoft. People like you with the inability to clearly reason should be thrown in an insane asylum (if that's not where you're already writing from).

Which OS cannot be exploited by hackers?

Any popular OS's holes will be found & exploited.

Admittedly microsoft can do more for security, but really, they have come a long way since DOS 95, err windows.

Even if said file was called attack.txt.exe - there are still users where I work would open it just to see what it was!