Infoworld
has revealed an "hidden features" of Internet Explorer that could be a terrible
hole on the system. For the surprise, just follow these steps:
- Right Click on your desktop and create a new shortcut
- Choose c:\windows\system32\notepad.exe as
the target of this shortcut
- Give www.microsoft.com as the
shortcut name
- Now launch IE and on the address bar type www.microsoft.com
What's the result? Instead of opening the Microsoft's website, IE opens your
Notepad!! 
This is terrible... if someone can place a bad shortcut on your machine, you
can launch executable files without be warned of the risk. The shortcut trick
works only if you don't type http:// URI on the
address, but how many of us types the http://
prefix instead of leaving that IE will place it for you?
This problem can't be considered as a feature, launching an executable on the
client machine is a danger that must be avoided.
I'm always surprised when I see this effects: we're waiting Vista, a more
robust and secure Windows, but after years of work we'll see again stupid holes
like this...