Windows Hidden Feature or Security Bug?
Infoworld contributing Editor Roger A. Grimes wrote an interesting piece about a recently discovered windows feature that could very well end up as an easily exploitable vulnerability. The news has spreaded pretty much everywhere now, so I guess it's only a matter of time until a smart ass decides to release some code that will exploit this "hidden feature".
The trick is that Internet Explorer 6 and 7 beta can be fooled into running Windows desktop shortcuts instead of going to the Internet. For example, right-click your desktop and choose Create a Shortcut. Tell the shortcut to run Notepad.exe, but name the shortcut "www.aol.com." Now type www.aol.com into IE (Internet Explorer) and see what happens. Instead of going to www.aol.com, IE starts Windows notepad.