Bugtraq mailing list archives
Breaking The SetDllDirectory Protection Against Binary Planting
From: "ACROS Security Lists" <lists () acros si>
Date: Wed, 27 Oct 2010 16:25:52 +0200
An old unfixed Windows functional bug was just upgraded to a security bug. Our researchers have discovered that Windows' inability to consistently expand environment variables in user and system PATH breaks the binary planting protection provided by the SetDllDirectory function. The article describes how already fixed iTunes and Safari - both using SetDllDirectory - can again be successfully binary-planted due to this bug. This time it's not Apple's fault. http://blog.acrossecurity.com/2010/10/breaking-setdlldirectory-protection.html Pleasant reading, Mitja Kolsek CEO&CTO ACROS, d.o.o. Makedonska ulica 113 SI - 2000 Maribor, Slovenia tel: +386 2 3000 280 fax: +386 2 3000 282 web: http://www.acrossecurity.com ACROS Security: Finding Your Digital Vulnerabilities Before Others Do
Current thread:
- Breaking The SetDllDirectory Protection Against Binary Planting ACROS Security Lists (Oct 27)