This is the mail archive of the
cygwin-developers
mailing list for the Cygwin project.
Re: DLL hijacking problem
- From: Christopher Faylor <cgf-use-the-mailinglist-please at cygwin dot com>
- To: cygwin-developers at cygwin dot com
- Date: Fri, 27 Aug 2010 09:38:29 -0400
- Subject: Re: DLL hijacking problem
- References: <20100827131614.GT6726@calimero.vinschen.de>
- Reply-to: cygwin-developers at cygwin dot com
On Fri, Aug 27, 2010 at 03:16:14PM +0200, Corinna Vinschen wrote:
>Hi,
>
>This DLL hijacking problem goes from simmering to boiling pretty fast
>right now:
>http://www.microsoft.com/technet/security/advisory/2269637.mspx
>The exploit DB fills rapidly in the last couple of days:
>http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=DLL+Hijacking&filter_author=&filter_platform=0&filter_type=0&filter_port=&filter_osvdb=&filter_cve=
>
>Given
>http://msdn.microsoft.com/en-us/library/ff919712%28VS.85%29.aspx
>
>I propose to change all calls to
>
> LoadLibrary ("any-Win32-system.dll")
>
>to (basically)
>
> GetSystemDirectory (path);
> strcat (path, "\\any-Win32-system.dll");
> LoadLibrary (path);
>
>Or does anybody think this is overreacting?
No, I was thinking the same thing after seeing the discussion of the
problem in Slashdot.
cgf