[<prev] [next>] [day] [month] [year] [list]
Message-ID: <3da3d8310611041333l736f82bdm6718217368db199e@mail.gmail.com>
Date: Sat, 4 Nov 2006 16:33:17 -0500
From: "Eliah Kagan" <degeneracypressure@...il.com>
To: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: Re: Internet Explorer 7 - Still Spyware Writers' Heaven
On 11/4/06, Joshua Gimer wrote:
> If Microsoft is not planning on providing a fix for this until Vista, I can
> see a worm coming from this.
It's highly unlikely that this would be useful to the spreading of a
worm. Worms infect computers over a network, relying either on
remotely exploitable vulnerabilities that require no user interaction,
or on vulnerabilities that require user interaction where it is easy
to produce the necessary user action. Getting a malicious file into a
user's path (or the system path) is nontrivial, and generally requires
that something else be going on.
> Forgive me if I don't know how this works in
> the windows world, but when it is looking for this DLL, does it take the
> first one that it finds within your path; like in UNIX? Or does it look in
> all directories within your path and then decide? I am guessing the former,
> but I am just clarifying.
It is the former--for libraries (DLLs) or executables (.exe, .com,
.bat, .cmd, and so forth) the one that gets linked to or executed when
the path is searched is the one that is in the earliest directory in
the path (or the one that is in the working directory--unlike in *nix
systems, in Windows the current directory--typically the directory
that the calling program is located in--is searched first, before the
path is consulted; you may see similar behavior in some *nix systems,
but in such cases you will find that in actuality the directory "." is
in the path).
-Eliah
Powered by blists - more mailing lists