Microsoft admits new attack route for massive DLL flaw

Started by Simon, Aug 24, 2010, 12:43:00

Previous topic - Next topic

0 Members and 2 Guests are viewing this topic.

Simon

Microsoft has confirmed a new way of using an old DLL flaw could leave third-party applications - as well as its own - open to attack.

When applications load dynamic link libraries where the programmer has been sloppy and not used the full path name, an attacker can hijack the process to load his own code.

Such DLL uploading techniques are well-known to Microsoft, but the new method adds the ability to attack via a shared network drive, meaning the hack could be undertaken remotely.

Read more: http://www.pcpro.co.uk/news/security/360547/microsoft-admits-new-attack-route-for-massive-dll-flaw
Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

Rik

Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Glenn

Glenn
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Rik

Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

esh

Hard to say if it's MS or the programmers at fault here. I guess it's easy to overlook from the programmer's point of view. You can imagine just coding it like that while testing/building and then never neatening it up because it worked.

I always found it interesting how on Unix systems to run a program in your current directory like 'myapp' you could not simply type 'myapp' and press enter to run it, just in case another program of the same name had been maliciously inserted there when you expected something else to run. You have to explicitly do './myapp'. Annoyance or security?
CompuServe 28.8k/33.6k 1994-1998, BT 56k 1998-2001, NTL Cable 512k 2001-2004, 2x F2S 1M 2004-2008, IDNet 8M 2008 - LLU 11M 2011