[323]

> create a .exe with the icon of a familiar file type like a Word Document

But this kind of confusion attack is not really used anymore.

Now it's about convincing the user to intentionally run a binary. If the user wants to run a binary, they will do it, regardless if it means double-clicking an .exe or typing "curl | sh" in the terminal.

[londons_explore]

Windows really ought to just hash every executable file, and then whitelist good files.

Perhaps 1 million exe files are in widespread use in the world. Anything that isn't on that list, I don't want running on my corporate network.

Compilers that make an exe file can have some new windows API that says "I just compiled this file, so it's fine to run".

[323]

> Perhaps 1 million exe files are in widespread use in the world.

They already do that. It's called SmartScreen.

> Compilers that make an exe file can have some new windows API that says "I just compiled this file, so it's fine to run".

I don't think you thought this through. Because then malware will either call that new API, or ship with their own compiler.

[londons_explore]

> Because then malware will either call that new API,

As soon as malware is running, you have already lost.

This is for when the user has downloaded TotallyNotAVirus.exe from a dodgy website and tries to double click it.