Potentially Unsafe File Types : HughSexeyMiddleSchool

Understanding what the different file types are and what they can do is an essential part of protecting yourself against any sort of security breach i.e. virus, malware, denial of service attack, fraud etc…

You should never attempt to open a file that you are unsure of you really don’t want to know the answer to the question “I wonder what this file does?”

The file type of a file, sometimes referred to as its extension, is the last portion of the name of the file. For example, if you have a file called "memo.doc", the last portion of the name of the file (that is, the portion following the final period) is "DOC". This file therefore has a file type of DOC, and would sometimes be referred to as a DOC file or a .DOC file.

Windows generally uses the file type to decide how the file will be handled when you double-click the file's icon. For example, DOC files most often contain Microsoft Word documents; if you double-click a DOC file and Microsoft Word is installed on your system, Windows will open the file in Microsoft Word.

Two examples of file types that contain programs are the file "game.exe" which has a file type of EXE and “game.bat” which has a file type of BAT. These types of file normally contain a program, and if you double-click it, Windows will run the program.

EXE and BAT file types are examples of a potentially unsafe file types. While the vast majority of EXE or BAT files that you are likely to encounter are safe and useful, malicious individuals sometimes write programs that can harm your computer and distribute them in the form of EXE or BAT files.

There are a number of other file types that are often considered to be potentially unsafe because they have been used to spread viruses. There is no definitive list of these file types that everyone would agree with, and to some extent the list is constantly changing, but here is the list of the main file extension you should take care in opening:

ADE, ADP, APP, ASA, ASP, BAS, BAT, CER, CHM, CMD, COM, CPL, CRT, CSH, DLL, EXE, FXP, HLP, HTA, HTM, HTML, HTR, INF, INS, ISP, ITS, JS, JSE, KSH, LNK, MAD, MAF, MAG, MAM, MAQ, MAR, MAS, MAT, MAU, MAV, MAW, MDA, MDB, MDE, MDT, MDW, MDZ, MHT, MHTM, MHTML, MSC, MSI, MSP, MST, OCX, OPS, PCD, PIF, PRF, PRG, REG, SCF, SCR, SCT, SHB, SHS, TMP, URL, VB, VBE, VBS, VBX, VSMACROS, VSS, VST, VSW, WS, WSC, WSF, WSH, XSL

All of these file types have legitimate uses under appropriate circumstances. The simple fact that a file is one of the types listed above does not mean that there is something "wrong" with the file or that it is infected with a virus. But if you receive a file with one of these types from an untrusted source or in unexpected or suspicious circumstances, you should not work with the file until you are sure that it is safe.

Of course, as mentioned above, there is no definitive list of which file types are safe or unsafe, so even with file types that are not on the above list, you should use appropriate cautions. You should always:

Security Tips

Know Your Source
Never open a file that is attached to e-mail from an unknown source
If an unexpected file is attached to e-mail from someone you know, consider verifying with the sender that the attachment is legitimate. Some viruses spread by e-mailing copies of themselves to everyone in the contact lists of infected computers; this means that you can receive infected files even from people you know.
Avoid downloading files from untrusted web sites.

Disable Hidden File Name Extensions

All current versions of Windows are initially installed with an option called "Hide extensions for known file types" enabled. When this option is enabled, Windows will not display the file name extensions (.EXE, .DOC, etc.) for file types that it knows about. Hugh Sexey CofE Middle School controls the file view options using group policy editor therefore no action is required to view file extensions whilst on campus.

This option is considered by many knowledgeable users to be dangerous, primarily because it can mislead you about the true nature of your files. For example, you might have a virus-infected file named "vacation.jpg.exe". If the hidden extension option is enabled, this file will appear on your desktop or in Windows Explorer as "vacation.jpg", leading you to think that it is a harmless vacation picture. In fact, it is an executable program, and opening it could infect your computer.

To disable hidden extensions:

1. Open My Computer or Windows File Explorer.

2. Click Folder Options or Folder and Search Options, which will be located in either the Tools menu, the View menu, or the Organize menu, depending on your version of Windows.

3. In the Folder Options dialog, click the View tab.

4. Uncheck the box labeled Hide extensions for known file types and click OK.