Friday, November 24, 2006

Edit != Execute

The publisher could not be verified. Are you sure you want to run this software?
Name: sync.cmd
Publisher: Unknown Publisher
Type: Windows Command Script
From: M:\
Run  Save  Cancel
Always ask before opening this file
This file does not have a valid digital signature that verifies its publisher. You should only run software from publishers you trust. [How can I decide what software to run?]

Here's a major Windows security screw-up that's actually been around for a while: if you use the context menu to edit a script or batch file that Windows has decided is "unsigned", you are asked if you are sure you want to run it, since the publisher cannot be verified. If you choose "Run" (since you don't want to "Cancel"), Windows executes the file!

