By default, Windows does not display the extension names of common file types. This was OK until someone sleazy took advantage of that oversight and used that as a social engineering tool.

The I Love You virus (VBS_LOVELETTER) is such a simple worm, very small since it is only a script. Yet it had caused much damage, and put the Philippines in the malware map. All because it appeared as a text file and its name made a lot of people curious. All because Windows hid the extension name. All because Microsoft thought VBScript files were common.

Microsoft Vista was supposed to be a secure OS, but it seems Microsoft has not learned its lessons (or it is being stubborn). In its weblog, F-Secure laments the fact that Vista by default does not display the file extension names. I ask the same question that the post author posited: “What were they thinking?”