"Timwi" timwi@gmx.net wrote in message news:bvj1b6$d5m$1@sea.gmane.org...
Brion Vibber wrote:
On Jan 31, 2004, at 04:45, Timwi wrote:
# May contain harmful executables for Windows victims"exe", "scr", "dll", "msi", "vbs", "bat", "com", "pif" );You might want to add "cmd", "vxd", and "cpl" to the latter list.
Jeez! Is there any file type that _isn't_ executable by default on Windows? :P
Well, out of those three, only "cmd" is "executable by double-click".
But the file format of libraries, drivers and everything is the same for EXE, and so they are also executable. For example, "cpl" is a plug-in for the Windows Control Panel, and so a CPL file in your Windows directory would be executed when you open the Control Panel. Similarly, VXD is a device driver, I think.
Any file can contain machine code. Files such as dll, vxd and cpl are only dangerous if they are somehow downloaded in such a way as to overwrite existing libraries. Far more dangerous are file formats which are executed on double-click and can contain VBA macros: doc, xls, etc.
-- Tim Starling