Re: First vulnerabilities in the SP2 - XP ?...
In-Reply-To: <200408180941.16239.radoslav.dejanovic@xxxxxxxx>
>This basically tells the user to open CMD and then execute the attachment in
>command line. Now, someone has to be really, really dumb to do that.
People might forget that dragging and dropping to a command prompt actually
executes the file.
I have 2 words, Batch files.. I did not get prompted when I double clicked a
batch file containing one line "Malicious program.exe"
Sp2 did not also detect that Viri.zip downloaded from the internet and contains
an EXE inside it...
I am not trying to create bad press for SP2, I personally think very highly of
it...
But I do think people will enter the trap "Wel it's gonna alert me if it's not
safe ain't it?" I think that's the biggest issue here