Sponsor for PC Pals Forum

Author Topic: Microsoft admits new attack route for massive DLL flaw  (Read 1195 times)

Offline Simon

  • Administrator
  • *****
  • Posts: 77923
  • First to score 7/7 in Quiz of The Week's News 2017
Microsoft has confirmed a new way of using an old DLL flaw could leave third-party applications - as well as its own - open to attack.

When applications load dynamic link libraries where the programmer has been sloppy and not used the full path name, an attacker can hijack the process to load his own code.

Such DLL uploading techniques are well-known to Microsoft, but the new method adds the ability to attack via a shared network drive, meaning the hack could be undertaken remotely.

Read more: http://www.pcpro.co.uk/news/security/360547/microsoft-admits-new-attack-route-for-massive-dll-flaw
Many thanks to all our members, who have made PC Pals such an outstanding success!   :thumb:

Offline Rik

  • Former Admin
  • *****
  • Posts: 26506
  • Ceud mille failte
Re: Microsoft admits new attack route for massive DLL flaw
« Reply #1 on: August 24, 2010, 13:51 »
I'm going back to my BBC Micro. :)
Slainthe!

Rik

Offline sam

  • Administrator
  • *****
  • Posts: 19977
Re: Microsoft admits new attack route for massive DLL flaw
« Reply #2 on: August 24, 2010, 14:28 »
I'm going back to my BBC Micro. :)

bet you could get it working with a network.

There is another solution though: http://www.ubuntu.com/
- sam | @starrydude --

Offline Simon

  • Administrator
  • *****
  • Posts: 77923
  • First to score 7/7 in Quiz of The Week's News 2017
Re: Microsoft admits new attack route for massive DLL flaw
« Reply #3 on: August 24, 2010, 14:31 »
I'd never have guessed you'd say that, Sam.   ;D
Many thanks to all our members, who have made PC Pals such an outstanding success!   :thumb:

Offline Rik

  • Former Admin
  • *****
  • Posts: 26506
  • Ceud mille failte
Re: Microsoft admits new attack route for massive DLL flaw
« Reply #4 on: August 24, 2010, 15:47 »
 :laugh:
Slainthe!

Rik


Show unread posts since last visit.
Sponsor for PC Pals Forum