- BY deepak
- POSTED IN IT Security
- WITH 0 COMMENTS
- PERMALINK
- STANDARD POST TYPE
Due to the way Microsoft Windows loads dynamically linked libraries (DLLs), an application may load an attacker-supplied DLL instead of the legitimate one, resulting in the execution of arbitrary code.
Attacks against this type of vulnerability have been referred to as “binary planting.” Please see Vulnerability Note VU#707943 and Microsoft Security Advisory 2269637 for more information.
Solution
Individual applications that run on the Windows platform may require patches or updates. Microsoft Knowledge Base article KB2264107 describes an update that provides a registry key that can prevent Windows from searching the current working directory for DLL files.
More info:
Vulnerability Note VU#707943 – http://www.kb.cert.org/vuls/id/707943
Microsoft Security Advisory (2269637) – http://www.microsoft.com/technet/security/advisory/2269637.mspx
A new CWDIllegalInDllSearch registry entry is available to control the DLL search path algorithm – http://support.microsoft.com/kb/2264107
Peace
Deepak