[<prev] [next>] [day] [month] [year] [list]
Message-ID: <070AB26042BE480E900B9DC3B2B8FFD7@acros.si>
Date: Wed, 27 Oct 2010 16:25:52 +0200
From: "ACROS Security Lists" <lists@...os.si>
To: <bugtraq@...urityfocus.com>, <full-disclosure@...ts.grok.org.uk>,
<cert@...t.org>, <si-cert@...es.si>
Subject: Breaking The SetDllDirectory Protection Against
Binary Planting
An old unfixed Windows functional bug was just upgraded to a security bug. Our
researchers have discovered that Windows' inability to consistently expand
environment variables in user and system PATH breaks the binary planting protection
provided by the SetDllDirectory function. The article describes how already fixed
iTunes and Safari - both using SetDllDirectory - can again be successfully
binary-planted due to this bug. This time it's not Apple's fault.
http://blog.acrossecurity.com/2010/10/breaking-setdlldirectory-protection.html
Pleasant reading,
Mitja Kolsek
CEO&CTO
ACROS, d.o.o.
Makedonska ulica 113
SI - 2000 Maribor, Slovenia
tel: +386 2 3000 280
fax: +386 2 3000 282
web: http://www.acrossecurity.com
ACROS Security: Finding Your Digital Vulnerabilities Before Others Do
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists