In a recent post on his blog, Mikko Hypponen of F-Secure, highlighted the risks inherent in the way Windows Vista displays file extensions. You may not know what these are and herein lies the problem
File extensions are a legacy from the days of DOS. Files were named with eleven letters, the last three were called the file extension and described what the file was. So a text file was called file.txt and a bitmap picture was called file.bmp.

When Windows arrived longer filenames became possible, although in the way of these things it was complicated by the need to maintain compatibiltiy so longfilename.txt was also known as longfi~1.txt.

So far, so benign but the problem of file extensions really became serious when Windows started hiding some of the file extensions. The rationale is that the icon reveals what the file is so there is no need to show the extension. Unfortunately virus writers discovered that giving a file two extensions would fool windows, so suspiciousfile.txt.exe displays as suspiciousfile.txt so as txt files appear benign people were more likely to try and open the file.

Other operating system now take a look inside files to find out what they are and don't just trust the extension. It's a shame that Windows cannot do this as well.