RE: First vulnerabilities in the SP2 - XP ?...
>>People might forget that dragging and dropping to a command prompt
actually executes the file.
>>I have 2 words, Batch files.. I did not get prompted when I double
clicked a batch file containing one line "Malicious program.exe"
Actually, dragging a program icon to a command window doesn't execute
it, it just pastes the full name into the command window. It's not the
same as double-clicking.
Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blog.ziffdavis.com/seltzer
larryseltzer@xxxxxxxxxxxxx