| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 14 Sep 2010 18:54:27 -0400 From: Dan Kaminsky <dan@...para.com> To: Stefan Kanthak <stefan.kanthak@...go.de> Cc: Valdis.Kletnieks@...edu, full-disclosure@...ts.grok.org.uk Subject: Re: DLL hijacking with Autorun on a USB drive On Tue, Sep 14, 2010 at 6:07 PM, Stefan Kanthak <stefan.kanthak@...go.de> wrote: > Dan Kaminsky wrote: > >> h0h0h0. There be history, Larry. >> >> Short version: Go see how many DLLs exist outside of c:\windows\system32. >> Look, ye mighty, and despair when you realize all those apps would be broken >> by CWD DLL blocking. > > No, that's the too much shortened version. > The correct version but is: Go see how many DLLs exist outside of the DLL > search path. > CWD DLL blocking does NOT break all those apps! > Apps which install their DLLs into their own application directory won't > notice CWD blocking at all. > > And apps which break can be easily fixed: > > [HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\application.exe] > "Path"=... > > exists for more than 15 years now. > > Stefan > > An automatic patch that breaks random apps will not be an automatic patch -- and neither will the twenty patches after it. Nobody cares that the breakage "can be fixed" with some fifteen year old key. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists