No change in the design that lets hackers easily mask malicious files

Windows 7 Release Candidate (RC) continues a long-running Microsoft practice that puts users at risk, a security researcher said today.

The new operating system's Windows Explorer file manager still misleads users about the true extension of a file, said Patrik Runald, chief research advisor at Helsinki-based F-Secure Corp. Rather than reveal the full extension for a filename, Windows Explorer hides the extension for known file types, giving hackers a way to disguise malware by using those file types' extensions and icons.

More: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9132626