Threaded View
-
August 24th, 2010 03:46 PM #1
- Join Date
- Oct 2009
- Location
- The land of Hockey and Rock music
- Posts
- 5,016
- Mentioned
- 16 Post(s)
- Tagged
- 434 Thread(s)
- Sex:
Microsoft releases Update to block DLL load hijacking attack
Some time back there were reports about a security issue that affected about 40 different Windows apps. Microsoft has quickly responded to such reports of potential zero-day attacks against such Windows programs by publishing an update or tool to block such exploits. However Microsoft also clarified that the flaw isn’t in Windows.
Microsoft has issued a Security Advisory (2269637) titled, Insecure Library Loading Could Allow Remote Code Execution. https://www.microsoft.com/technet/sec...y/2269637.mspx
“Microsoft is aware that research has been published detailing a remote attack vector for a class of vulnerabilities that affects how applications load external libraries. This issue is caused by specific insecure programming practices that allow so-called “binary planting” or “DLL preloading attacks”. These practices could allow an attacker to remotely execute arbitrary code in the context of the user running the vulnerable application when the user opens a file from an untrusted location.”
Microsoft has also released an Update that will block the loading of DLL’s from remote directories.
This update introduces a new registry key CWDIllegalInDllSearch that allows users to control the DLL search path algorithm. The DLL search path algorithm is used by the LoadLibrary API and the LoadLibraryEx API when DLLs are loaded without specifying a fully qualified path.
When an application dynamically loads a DLL without specifying a fully qualified path, Windows tries to locate this DLL by searching through a well-defined set of directories. These sets of directories are known as DLL search path. As soon as Windows locates the DLL in a directory, Windows loads that DLL. If Windows does not find the DLL in any of the directories in the DLL search order, Windows will return a failure to the DLL load operation.
More details & download links at KB2264107. https://support.microsoft.com/kb/2264107
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Similar Threads
-
Microsoft Releases Update to Fix Unexpected Shutdown or Blue
By razorsedge in forum News & ReviewsReplies: 0Last Post: September 29th, 2010, 11:08 PM -
Microsoft Releases Update to Fix Thumbnail Controls Display
By razorsedge in forum News & ReviewsReplies: 0Last Post: September 8th, 2010, 08:59 PM -
Microsoft Releases Update for Windows 7 to Improve Graphics
By razorsedge in forum News & ReviewsReplies: 2Last Post: August 29th, 2010, 09:23 AM -
Microsoft Releases Out-of-Band Security Update to Address Wi
By razorsedge in forum News & ReviewsReplies: 0Last Post: August 4th, 2010, 06:32 AM
Welcome. I will let the veterans of the forum answer your question as they have the authority. From my perspective, I came here looking for answers on how to tweak a theme to my liking and this...
Hello world, I am...