Bugtraq mailing list archives
Re: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases
From: "Timothy J. Miller" <cerebus () SACKHEADS ORG>
Date: Tue, 19 Sep 2000 15:35:06 -0500
"John Lange" <lists () darkcore net> writes:

> Changing the search path for DLLs would break a good portion of windows apps, especially legacy apps.

Absolutely.

> In my previous life as a windows programmer, often the trick to get some older apps working was to find the older version of some DLL that it was looking for and put it in the same directory as the application so it would load those ones instead of whatever twisted version now exists in the windows/system directory.

Been there, done that. Welcome to DLL Hell.

> Thus I think we will be forced to live with this security hole though the OS should be patched so that it never loads DLLs across network devices or at least obeys the security settings of the machine.

I'm not sure how this would protect anyone. What about systems not using shares? If I can poison that .ZIP you just nicked, I've still got you. And there remain plenty of ways I can get an arbitrary file into a *non-system* area of your disk. Good policy on UNIX boxen is to *never* use '.' in PATH or LD_LIBRARY_PATH. This is exactly what Windows is doing.

> Funny that I've known this for a very long time but never thought about using it to load trojan DLLs.

I should have as well, but I never did. Oh well. Now the fun begins, neh?
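
The UNIX policy mentioned in the message above (no '.' in PATH or LD_LIBRARY_PATH) can be checked mechanically. The following is an added example, not part of the original post: the function name `audit_search_path` and the sample values are constructed for illustration. It also flags empty entries (a leading, trailing or doubled colon), which are searched as the current directory, and any other relative entry.

```shell
#!/bin/sh
# Audit a colon-separated search path (PATH, LD_LIBRARY_PATH style) for
# entries that resolve against the current working directory.
# audit_search_path is a hypothetical helper written for this example.

# Usage: audit_search_path VALUE
# Prints one finding per line. Returns 0 if clean, 1 if anything was flagged.
audit_search_path() {
    asp_value=$1
    asp_status=0
    asp_pos=0
    # No entries to split (how an empty PATH behaves is shell-specific
    # and is not judged here).
    if [ -z "$asp_value" ]; then
        return 0
    fi
    # Append a sentinel colon so a trailing ':' (an empty last entry)
    # survives the splitting below.
    asp_rest="$asp_value:"
    while [ -n "$asp_rest" ]; do
        asp_entry=${asp_rest%%:*}   # text before the first colon
        asp_rest=${asp_rest#*:}     # text after the first colon
        asp_pos=$((asp_pos + 1))
        case $asp_entry in
            '')
                echo "entry $asp_pos: empty entry, searched as the current directory"
                asp_status=1 ;;
            /*)
                ;;                  # absolute path: not cwd-dependent
            *)
                echo "entry $asp_pos: '$asp_entry' is relative to the current directory"
                asp_status=1 ;;
        esac
    done
    return $asp_status
}

# Constructed sample values, not taken from any real system.
for asp_sample in "/usr/local/bin:/usr/bin:/bin" ".:/usr/bin" \
                  "/usr/lib::/opt/app/lib" "/usr/bin:tools:"; do
    echo "checking: $asp_sample"
    if audit_search_path "$asp_sample"; then
        echo "clean"
    fi
done
```

To audit a live environment, call `audit_search_path "${PATH-}"` or `audit_search_path "${LD_LIBRARY_PATH-}"`; this check is purely syntactic and does not inspect directory permissions.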