Windows DLL-loading security flaw puts Microsoft in a bind

[p2p rules]

The rediscovery of an old attack method based on the way that Windows loads DLLs places Microsoft in a tricky position: a change to Windows will fix the problem once and for all, but could break third-party software that relies on the operating system working the way it has worked for 20 years. Ars explains the situation.

arstechnica.com
More information about the DLL Preloading remote attack vector
 

[White Stripes]

uh... its 'dll hell' over a networked drive.... dont think this one is too much of a biggie....

[silicon_toad2000]

so if microsoft were to 'correct' this issue, issue an 'opt out' type of hotfix and programs no longer loaded .dll files from the current directory, would that mean the community patch oledlg.dll or the winmxgroup ws32 patch would no longer work on windows OS's?

[White Stripes]

yep...

--edit--

would be better if MS 'fixed' it just for network drives not local...

--edit--

apps can specify that they want to load a dll from their own directory or be coded to avoid such... so this would only affect those that arent 'properly' coded...

[Lagerlout666]

Easily patch a patch lol

[White Stripes]

a proxy based patch as apposed to dll injection could work just as well... ...in theory...

patch a MS security patch? would honestly be better to avoid installing it...

[Lagerlout666]

I was joking, i was expecting someone to say i sound like microsoft lol.

[silicon_toad2000]

What you said was concise and to the point tiny, nothing like microsoft.

reminds me of a joke, helicopter pilot taking a few passengers for a fly around the buildings in a big city, he gets himself a bit lost looking for a particular building, hovers next to a highrise and holds up a sign "where am I?"
The people in the building hold up a sign "in a helicopter"
He flies off and finds the building he was looking for.
The passengers ask him how he found it as the people in the highrise we no help at all.
He says "ahhh, that was the microsoft building, while the information they gave me was technically correct, it was completely useless".

[Max™]

lol  i lake that, typical of microsoft, to the point and useless at the same time

[White Stripes]

http://www.computerworld.com/s/article/9181699/Windows_DLL_load_hijacking_exploits_go_wild

...it just keeps getting better....

[White Stripes]

http://support.microsoft.com/kb/2264107

install and block webDAV ... if you dont run any apps over shares set to block UNC too...


...closest thing to a 'fix' for remote attacks that wont break quite a few local apps that i can find...