With Service Pack 2, Microsoft introduces a new security feature which
warns users before executing files that originate from an untrusted
location (zone) such as the Internet.
There are two flaws in the implementation of this feature: a cmd issue
and the caching of ZoneIDs in Windows Explorer. The Windows command shell
cmd ignores zone information and starts executables without warnings.
Virus authors could use this to spread viruses despite the new security
features of SP2.
Windows Explorer do
