Windows 10 contains a default setting you must change to stay safe
SOPA Images/LightRocket via Getty Images
Forbes
In a new write-up, the ever-excellent BleepingComputer reveals that every Windows 10 computer is vulnerable to a serious (and widespread) system hack unless they change the default settings for viewing files.
“Microsoft hides file extensions in Windows by default even though it’s a security risk that is commonly abused by phishing emails and malware distributors to trick people into opening malicious files,” the site warns.
File extensions are the letters shown after a file name. BleepingComputer uses the example report.txt and “txt” is the file extension. You will be familiar with many common file extensions such as .doc (Word documents), .pdf (Adobe documents), .mov (QuickTime media files) and, perhaps most famously, .mp3 (music files). And yet it is likely you can’t name many modern types now because, yes, Microsoft now hides them by default to simplify the end user experience. And that’s dangerous.
As BleepingComputer explains: hackers will send malware files to users via spam, trick browser downloads and more and they often look like innocent files thanks to Windows 10 hiding their extension. Hackers do this by giving their malware an innocent name and the icon of a legitimate program, for example, malware could be called “Scan_002_01” and use the Adobe Reader icon (the Windows 10 zip file icon is popular too). But if you could see the file extension, it would reveal this is not a .pdf file but a .exe (executable) file which, when opened, will install malware on your computer which opens it up to multiple attacks, such as remote control of your system and ransomware.
Only after enabling Windows 10 file extensions can this executable malware be seen
BleepingComputer
How To Protect Yourself In Windows 10
To avoid being such an easy target, BleepingComputer points out that you need to change Windows 10 settings to enable the ability to view file extensions by default. Do the following:
- Windows 10 Start Menu > type ‘Folder Options’ > open ‘File Explorer Options’
- Click ‘View tab’ > Advanced settings > Uncheck “Hide extensions for known file types”
- Click ‘Apply’ > Click ‘Ok’
Yes, it’s a simple fix for a serious problem and advanced users are likely to do this as a matter of course. The problem is Windows 10 is now on over 900M devices so millions of users won’t have. Consequently, while I can understand Microsoft’s desire not to confuse its Windows 10 users with file extensions, in this instance I think dumbing things down does more harm than good.
It would be crazy if gas stations didn’t clearly label the types of fuel on their pumps. Microsoft needs to realise when it comes to Windows 10, users shouldn’t need to dive into settings just to see what they are about to run on their PCs.
___
Follow Gordon on Facebook
More On Forbes
How To Upgrade To Windows 10 For ‘Free’ In 2020
Windows 10 Warning: Anger At Microsoft Rises With Serious New Failure
Microsoft Confirms Massive Upgrade Changes With Windows 10X
“>
Windows 10 free updates are still a thing, but the cost for users has been very high in recent months. And now users need to know about another fundamental vulnerability, one which Microsoft enables on all Windows 10 PCs by default.
Windows 10 contains a default setting you must change to stay safe
Forbes Gordon Kelly
In a new write-up, the ever-excellent BleepingComputer reveals that every Windows 10 computer is vulnerable to a serious (and widespread) system hack unless they change the default settings for viewing files.
“Microsoft hides file extensions in Windows by default even though it’s a security risk that is commonly abused by phishing emails and malware distributors to trick people into opening malicious files,” the site warns.
File extensions are the letters shown after a file name. BleepingComputer uses the example report.txt and “txt” is the file extension. You will be familiar with many common file extensions such as .doc (Word documents), .pdf (Adobe documents), .mov (QuickTime media files) and, perhaps most famously, .mp3 (music files). And yet it is likely you can’t name many modern types now because, yes, Microsoft now hides them by default to simplify the end user experience. And that’s dangerous.
As BleepingComputer explains: hackers will send malware files to users via spam, trick browser downloads and more and they often look like innocent files thanks to Windows 10 hiding their extension. Hackers do this by giving their malware an innocent name and the icon of a legitimate program, for example, malware could be called “Scan_002_01” and use the Adobe Reader icon (the Windows 10 zip file icon is popular too). But if you could see the file extension, it would reveal this is not a .pdf file but a .exe (executable) file which, when opened, will install malware on your computer which opens it up to multiple attacks, such as remote control of your system and ransomware.
Only after enabling Windows 10 file extensions can this executable malware be seen
How To Protect Yourself In Windows 10
To avoid being such an easy target, BleepingComputer points out that you need to change Windows 10 settings to enable the ability to view file extensions by default. Do the following:
- Windows 10 Start Menu > type ‘Folder Options’ > open ‘File Explorer Options’
- Click ‘View tab’ > Advanced settings > Uncheck “Hide extensions for known file types”
- Click ‘Apply’ > Click ‘Ok’
Yes, it’s a simple fix for a serious problem and advanced users are likely to do this as a matter of course. The problem is Windows 10 is now on over 900M devices so millions of users won’t have. Consequently, while I can understand Microsoft’s desire not to confuse its Windows 10 users with file extensions, in this instance I think dumbing things down does more harm than good.
It would be crazy if gas stations didn’t clearly label the types of fuel on their pumps. Microsoft needs to realise when it comes to Windows 10, users shouldn’t need to dive into settings just to see what they are about to run on their PCs.
___
Follow Gordon on Facebook
More On Forbes
How To Upgrade To Windows 10 For ‘Free’ In 2020
Windows 10 Warning: Anger At Microsoft Rises With Serious New Failure