Topic: Microsoft admits new attack route for massive DLL flaw

[Simon]

Microsoft has confirmed a new way of using an old DLL flaw could leave third-party applications - as well as its own - open to attack.

When applications load dynamic link libraries where the programmer has been sloppy and not used the full path name, an attacker can hijack the process to load his own code.

Such DLL uploading techniques are well-known to Microsoft, but the new method adds the ability to attack via a shared network drive, meaning the hack could be undertaken remotely.

Read more: http://www.pcpro.co.uk/news/security/360547/microsoft-admits-new-attack-route-for-massive-dll-flaw

[Rik]

I'm going back to my BBC Micro.

[sam]

I'm going back to my BBC Micro.

bet you could get it working with a network.

There is another solution though: http://www.ubuntu.com/

[Simon]

I'd never have guessed you'd say that, Sam.   

[Rik]