Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

New DLL Vulnerability Exploited in the Wild


  • Please log in to reply
1 reply to this topic

#1 KarstenHansen

KarstenHansen

    The Dane


  • Members
  • 1,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:03 PM

Posted 26 August 2010 - 04:07 AM

Over the weekend, Microsoft issued a new security advisory which covered a vulnerability in how Windows handles DLL files. The attack scenario would go this way: a vulnerable application would be used to open a file.

TrendMicro blog

Good info, enjoy
Karsten

Edited by KarstenHansen, 26 August 2010 - 04:08 AM.


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,939 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:03 PM

Posted 02 September 2010 - 05:30 PM

An update on the DLL-preloading remote attack vector

Last week, we released Security Advisory 2269637 notifying customers of a publicly disclosed remote attack vector to a class of vulnerabilities affecting applications that load dynamic-link libraries (DLL’s) in an insecure manner. At that time, we also released a tool to help protect systems by disallowing unsafe DLL-loading behavior.

Today we wanted to provide an update by answering several questions we have received from customers and addressing common misperceptions about the risk posed by this class of vulnerability...

We have received several questions regarding the best way to enable the protection tool released on the Microsoft Download Center last week.

First, you should know that downloading and installing the tool alone will not protect a workstation from vulnerable applications. It ships “off-by-default” and must be enabled either system-wide or for specific applications. After releasing this tool, we received a number of questions on how best to deploy it. We have now updated the KB article to address them. We encourage you to review the updated knowledge base article 2264107...


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users