PCWorld: "An attacker could trick a user of Microsoft Internet Explorer Web browser into downloading and running a malicious program by
disguising it as an innocent file, a Finnish security company has warned.
The file name as it appears in the IE file download dialog box can be faked by using certain URLs and HTTP headers on a Web
page, making the user think he is opening a media file when in fact he is installing a "back door" on his PC, according to Oy Online
Solutions. A back door is a program that can be used by hackers to enter a user's PC."