Explorer security flaw with BinHex (hqx) files

Ben Hines writes: "Running Mac OS X 10.1 and Explorer 5.1, enter this URL (it's intended as a demo of the problem). Explorer will auto extract and autorun the downloaded application! It appears this will happen with any application which is binhexed (but not stuffed)."

Christopher Blomquist confirms this security flaw in Explorer 5.1. The BinHex files are handled by Explorer directly, not StuffIt. "The risk is that these downloaded files could be viruses or other destructive applications or scripts. The way to protect yourself is to deactivate the 'Automatically Decode MacBinary/BinHex files' in Explorer's Download Options preferences."