lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 4 Nov 2006 16:33:17 -0500 From: "Eliah Kagan" <degeneracypressure@...il.com> To: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com Subject: Re: Internet Explorer 7 - Still Spyware Writers' Heaven On 11/4/06, Joshua Gimer wrote: > If Microsoft is not planning on providing a fix for this until Vista, I can > see a worm coming from this. It's highly unlikely that this would be useful to the spreading of a worm. Worms infect computers over a network, relying either on remotely exploitable vulnerabilities that require no user interaction, or on vulnerabilities that require user interaction where it is easy to produce the necessary user action. Getting a malicious file into a user's path (or the system path) is nontrivial, and generally requires that something else be going on. > Forgive me if I don't know how this works in > the windows world, but when it is looking for this DLL, does it take the > first one that it finds within your path; like in UNIX? Or does it look in > all directories within your path and then decide? I am guessing the former, > but I am just clarifying. It is the former--for libraries (DLLs) or executables (.exe, .com, .bat, .cmd, and so forth) the one that gets linked to or executed when the path is searched is the one that is in the earliest directory in the path (or the one that is in the working directory--unlike in *nix systems, in Windows the current directory--typically the directory that the calling program is located in--is searched first, before the path is consulted; you may see similar behavior in some *nix systems, but in such cases you will find that in actuality the directory "." is in the path). -Eliah _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists