All programs interpret the data files that they use. If you format the data in the file in a way that the programmers didn’t think of you may be able to exploit bugs in programs to allow you to execute code. Text editors are generally meant to work with arbitrary files so you probably won’t find an exploit for wordpad. There have been exploits for things like MP3 players and picture viewers.
Whilst one may not be a virus, it may include a virus. .avis, .mp4, .mkvs, .movs etc. are naturally merely containers for codecs. There’s a legend — doubtful to me — that anti-torrent organizations not only put up fake torrents to catch IP addresses ( which they do ), but they also sometimes include malware. To discourage torrenting.
Anyway, I once downloaded a short ( say, 5 minutes ) video, and it sprinted across the screen in 20 seconds and merely showed an image. Had I been using Windows I would have been alarmed. Checks showed that it was malware.
So if it’s a docx (and doesn’t contain macros) or you disable macros, are there any other known exploits, or is it safe to open such files?
It’s just my theory, but I observe that OS X actually supports files without any extension…
Pre-OS X Mac OS didn’t use file extensions at all, but used something called type code which was a part of the file meta data instead.
Including mp3 or other media files?
That’s the word on the street for the legions of people who “share” via BitTorrent.
If the file is a plain text file, it’s a plain text file. If the file pretends to be a plain text file and contains a virus – well, it has a virus in it, no matter what the extension says it is.
LOL… yes, including them files … However, being an mp3 files does not mean that it’s a virus
I would be cautious
As to media file types and viruses.
Sometimes programs that decode these files are found to have errors which can be exploited.
A classic example was the old form of uncompress used in LZW compression. There was a mistake in the stack handling and this was exploited. A lot of file formats use LZW encoding, e.g., gif. And furthermore, a lot of the programs that handled these formats used the same code since it was freely available. Several MS compression libraries were affected by this as well. Updates were eventually rolled out but no doubt there are a lot of people with older versions of some apps still around. If they open the wrong gif file, oops.
And that’s a simple static media format. Audio and video files are much trickier to handle, the code is more complex, there are more opportunities for software errors to occur, etc.
Some media files are exploitable by more direct ways. E.g., some MS video encodings allow people to embed links to web sites inside them, so that when you play the video, a link is opened to that web sites. Holy freaking moly is that a bad idea to allow that by default.
And anything made in any Adobe media format should be assumed to be dangerous.
Here’s a recent exploit:
I think I also remember reading about a DOCX XML one (different from above) in the past.
Has anyone tried any of these programs to avoid virus’s installing on their PC?
I find that deepfreeze can be a PITA but sandboxie is a good idea to have when downloading dodgy files.
I mean it can identify files without extensions just fine, or it hides extensions from the user.
Not seeing the extensions in Windows by default is basically the same – Windows seems to just open the file magically with the right program.
When you save your file on your Mac for your own Mac, the program/computer will most likely remember what file it is. When you are sending that file with no extension (and hidden tags/index), chances are the other person cannot open the file at all – all depending on what type of file it is.
However, since many file types are just “zip” files in disguise with various extension. The extension is there, so the file goes straight to the program you want the file to be associated with and open with, eg.: *.Mpg with Windows Media player, *.mkv with VLC player, *.avi with Media Player Classic.
So, a Mac needs extensions as well, if the saved file type is not a “zip” file.
These two statements seem to contradict each other.
Viruses exploit holes in the program that loads that type of file (or related/called pgms), if notepad had a vulnerability due to the way it was coded, then a text file could have a virus, but notepad and loading text files is simple enough there may be no vulnerabilities.