[36242] in bugtraq
RE: First vulnerabilities in the SP2 - XP ?...
daemon@ATHENA.MIT.EDU (Larry Seltzer)
Tue Aug 24 09:13:49 2004
Message-ID: <20040821103633.3913.qmail@mail.securityfocus.com>
From: "Larry Seltzer" <larry@larryseltzer.com>
To: <bugtraq@securityfocus.com>
Date: Sat, 21 Aug 2004 06:43:30 -0400
MIME-Version: 1.0
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
In-Reply-To: <20040818183152.30491.qmail@www.securityfocus.com>
>>People might forget that dragging and dropping to a command prompt
actually executes the file.
>>I have 2 words, Batch files.. I did not get prompted when I double
clicked a batch file containing one line "Malicious program.exe"
Actually, dragging a program icon to a command window doesn't execute
it, it just pastes the full name into the command window. It's not the
same as double-clicking.
Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blog.ziffdavis.com/seltzer
larryseltzer@ziffdavis.com
