I don't know if this is programming technique is "common", but I've not
seen it before. I'm running the MS antispyware beta 1 on Windows XP sp2.
I hooked up a 2nd monitor to my laptop. I set the resolution to
1600x1200, and the monitor position in relation to the primary, is to the
left. Align the bottom screens. You can use a different resolution, I
imagine, if you offset the positions of the monitors.
On the 2nd monitor I found a program window "hiding". Basically, in a
very odd position -- on a typically non-displayed portion of the desktop,
which I only found by configuring multiple monitors. It seems the
programmers are "hiding" a window, which I have attached as a jpg. For
those that don't want to open an attachment:
there are 5 buttons: systrayhide, systrayshow, systraynormal,
systrascanning, systrayupdating.
The window title is gcasDtServHolder
Clicking the buttons modifies the tooltip associated with the system
tray icon. I can hide/show the systray icon. The status of the icon
also changes from Active to Running when Normal is selected, and I then
click either the Scanning or Updating button.
Closing the window removes the system tray icon and apparently closes
the program.
I do not know if this possibly leads to a vulnerability or not.
Mike
------------------------------------------------------------------------
------------------------------------------------------------------------
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/