Deceptive file names under Vista
Attackers can use Unicode character codes under Windows Vista to conceal filenames and filename extensions. A demonstration by Max Ried makes an executable screen-saver file (.scr) look like a harmless image (.jpg).
The falsified display of the filename is due to the inclusion of Unicode control characters that change the direction of writing. These are required for the Arabic-speaking region, for example, where writing runs from right to left. Unicode defines the control characters right-to-left override (RLO, U+202E) and left-to-right override (LRO, U+202D) to switch the writing direction.
Under Windows Vista, and possibly other operating systems too, these special characters are permitted in filenames; not so under Windows XP. Attackers can fool Vista users by concealing harmful executable code with these characters. The usual tips on guarding against mischievous attacks, such as not to run executable E-mail attachments, are of no assistance.
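As an added illustration, not part of the original report, the following Python check models the override behaviour described above: it computes the extension a user would see, compares it with the extension the operating system actually uses, and flags any name carrying a bidi control. The sample names are constructed.

```python
import os

# Bidi control characters named on the page (RLO, LRO, PDF) plus the related
# embedding and isolate controls from the same Unicode range (my addition).
BIDI_CONTROLS = {
    "\u202a": "LRE", "\u202b": "RLE", "\u202c": "PDF",
    "\u202d": "LRO", "\u202e": "RLO",
    "\u2066": "LRI", "\u2067": "RLI", "\u2068": "FSI", "\u2069": "PDI",
}

def displayed_name(name: str) -> str:
    """Approximate what the user sees: characters after an RLO are shown
    reversed until a PDF, an LRO or the end of the name. This models only
    the override effect the article describes, not the full bidi algorithm."""
    out, run, reversing = [], [], False
    for ch in name:
        if ch in ("\u202e", "\u202d", "\u202c"):
            out.extend(reversed(run) if reversing else run)
            run, reversing = [], (ch == "\u202e")
        elif ch not in BIDI_CONTROLS:
            run.append(ch)
    out.extend(reversed(run) if reversing else run)
    return "".join(out)

def sanitize(name: str) -> str:
    """Mitigation the article suggests: strip every bidi control from a name."""
    return "".join(ch for ch in name if ch not in BIDI_CONTROLS)

def analyze(name: str) -> dict:
    """Report the real vs. displayed extension and whether the name is suspect."""
    controls = [BIDI_CONTROLS[ch] for ch in name if ch in BIDI_CONTROLS]
    shown = displayed_name(name)
    true_suffix = os.path.splitext(name)[1].lower()
    shown_suffix = os.path.splitext(shown)[1].lower()
    return {
        "name": name,
        "controls": controls,
        "displayed": shown,
        "true_suffix": true_suffix,
        "displayed_suffix": shown_suffix,
        "suspicious": bool(controls) or true_suffix != shown_suffix,
    }

if __name__ == "__main__":
    # Constructed samples, including the .scr shown as .jpg case from the article.
    for sample in ["holiday\u202egpj.scr", "report.pdf", "notes\u202dfinal.txt"]:
        r = analyze(sample)
        print(f"{r['displayed']!r:24} real={r['true_suffix']} "
              f"shown={r['displayed_suffix']} controls={r['controls']} "
              f"suspicious={r['suspicious']}")
```

The same check can be run over an attachment's filename before it is saved, since mail clients and file managers differ in whether they honour the override when rendering the name.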
This is yet another example of supposedly harmless files, such as documents, images, mp3 files or even playlists, potentially carrying damaging code that exploits holes in the associated software, and users should avoid files, even of these types, that come from unknown or untrustworthy sources. All the same, Microsoft ought to think about issuing a patch that prohibits the use of these special characters, at least in file names, where there can be no good reason to use them.
(mba)