Re: L0pht Security Advisory: Windows NT

[paul () ARGO DEMON CO UK (Paul Ashton)]

Dildog <dildog () L0PHT COM> writes:
>                           L0pht Security Advisory

> ---
> Workarounds/Fixes:
> ---
>
>       I developed a patch for this security problem in the form of a
> Win32 Service program that can be installed by the Administrator of the
> system. It sets itself to run every time the system is started, and before
> the user has the opportunity to start a program, it adjusts the
> permissions of the DLL cache to something much safer.

Alternatively, you can set
HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\ProtectionMode=1
and reboot.


Paul