MSN Messenger is vulnerable to the shell: hole

[Jesse Ruderman <jruderman () hmc edu>]

Clicking a shell:windows\notepad.exe link in MSN Messenger 6.2.0137 
launches Notepad.  MSN Messenger even recognizes shell: as a protocol 
and helpfully hyperlinks the URL.

Ctrl+clicking a shell:windows\notepad.exe link in Microsoft Word 
10.2627.3311 launches Notepad.

What others Windows programs (browsers, e-mail clients, IM clients, word 
processors, etc.) are vulnerable to the shell: hole?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html