
SANS ISC: DLL hijacking vulnerabilities SANS ISC InfoSec Forums

DLL hijacking vulnerabilities
FYI, Wolfgang Kandek, CTO, Qualys, Inc. writes:

"We recommend installing the hotfix in KB2264107 and setting the registry to not allow loading of binaries via network shares and WebDAV (setting 2) as soon as possible."

Citation:
http://laws.qualys.com/2010/08/microsoft-provides-advisory-fo.html

My comment:

Setting the value to 1 as recommended by Microsoft does not prevent loading of binaries from network shares.
w8sdz

2 Posts
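An audit sketch for the setting discussed in the post above, added here as an example and not part of the original thread. The registry paths and the value name `CWDIllegalInDllSearch` are taken from Microsoft's KB2264107 article rather than from this page; the function name and output columns are hypothetical.

```powershell
# Added example, not from the thread. Key paths and value name come from
# Microsoft's KB2264107 article, not from this page.
$ValueName = 'CWDIllegalInDllSearch'
$SystemKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager'
$IfeoKey   = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'

# Hypothetical helper: turn a raw registry value into a readable report row.
function Get-CwdSettingReport {
    param([string]$Scope, $RawValue)

    if ($null -eq $RawValue) {
        $shown   = '(not set)'
        $meaning = 'default search order, current directory included'
        $covers  = $false
    } else {
        # A DWORD of 0xFFFFFFFF can come back as Int32 -1; normalise to unsigned.
        $v = [int64]$RawValue -band 4294967295
        $shown = '0x{0:X}' -f $v
        switch ($v) {
            0          { $meaning = 'default search order, current directory included'; $covers = $false }
            1          { $meaning = 'blocked only when the current directory is WebDAV'; $covers = $false }
            2          { $meaning = 'blocked when the current directory is remote (WebDAV or UNC)'; $covers = $true }
            4294967295 { $meaning = 'current directory removed from the DLL search order'; $covers = $true }
            default    { $meaning = 'value not described in KB2264107'; $covers = $false }
        }
    }
    [pscustomobject]@{
        Scope               = $Scope
        Value               = $shown
        Meaning             = $meaning
        CoversNetworkShares = $covers
    }
}

# System-wide setting.
$sys = (Get-ItemProperty -Path $SystemKey -Name $ValueName -ErrorAction SilentlyContinue).$ValueName
$report = @(Get-CwdSettingReport -Scope 'System-wide' -RawValue $sys)

# Per-application entries under Image File Execution Options.
Get-ChildItem -Path $IfeoKey -ErrorAction SilentlyContinue | ForEach-Object {
    $app = $_.GetValue($ValueName)
    if ($null -ne $app) { $report += Get-CwdSettingReport -Scope $_.PSChildName -RawValue $app }
}

$report | Format-Table -AutoSize
```

A row with `CoversNetworkShares` set to `False` and a value of `0x1` is the case the post describes: WebDAV is covered but UNC shares are not. The value only takes effect on systems where the KB2264107 update is installed.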
@tired

Proactive security = we try to get fixes together and get Microsoft to get them out there so we can stop this stuff in its tracks before it becomes an issue.

Reactive security = A SQL Slammer type worm with everything crashing and we don't have any tools to restore traffic and usability.

Your choice...
w8sdz
57 Posts
