CERT mailing list archives

Current Activity - Insecure Loading of Dynamic Link Libraries in Windows Applications

From: Current Activity <us-cert () us-cert gov>
Date: Wed, 25 Aug 2010 13:05:01 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

US-CERT Current Activity

Insecure Loading of Dynamic Link Libraries in Windows Applications

Original release date: August 25, 2010 at 12:01 pm
Last revised: August 25, 2010 at 12:01 pm


US-CERT is aware of a class of vulnerabilities related to how some
Windows applications may load external dynamic link libraries (DLLs).
When an application loads a DLL without specifying a fully qualified
path name, Windows will attempt to locate the DLL by searching a
defined set of directories. If an application does not securely load
DLL files, an attacker may be able to cause the affected application
to load an arbitrary library.

By convincing a user to open a file from a location that is under an
attacker's control, such as a USB drive or network share, a remote
attacker may be able to exploit this vulnerability. Exploitation of
this vulnerability may result in the execution of arbitrary code.

Additional information regarding this vulnerability can be found in
US-CERT Vulnerability Note VU#707943. US-CERT encourages users and
administrators to review the vulnerability note and consider
implementing the following workarounds until fixes are released by
affected vendors
  * disable loading libraries from WebDAV and remote network shares
  * disable the WebClient service
  * block outgoing SMB traffic

US-CERT will provide updates when additional details become available.

Relevant Url(s):
<http://www.kb.cert.org/vuls/id/707943>

====
This entry is available at
http://www.us-cert.gov/current/index.html#insecure_loading_of_dynamic_link

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBTHVNMD6pPKYJORa3AQL48Af/XVHfx2VKCUJgAc+f46Z8Xt9ujwEc211N
z5Pwn41FZHYYu5kir+fevGYkKMXVAkcX6w6fs9q33jX/RrcyIIHRjn4QOsUXc5+H
4apRuIN+AAt7UwgG4emTmznAhFcAcl7Eo5YH3LlgEbARDttgHyShO2F2iCJMGtMD
sqNGQ806WYMoO8k7aikjIapPNoibRjdYHqOyvomGdJRb07C+JXLK606UNvacLena
gv9tUWtCqJjKXybquuFvlKOcJ4MVK8IpqWAz3UhfiCc4prlI9mcSSl+yd5CE00CD
CsESO7TZSVzTp9CK8v6otne+5sK0HsaJvsHBKYFhpWvDJJVAbsIjOw==
=OUeR
-----END PGP SIGNATURE-----

Current thread:

Current Activity - Insecure Loading of Dynamic Link Libraries in Windows Applications Current Activity (Aug 25)
- <Possible follow-ups>
- Current Activity - Insecure Loading of Dynamic Link Libraries in Windows Applications Current Activity (Sep 01)
- Current Activity - Insecure Loading of Dynamic Link Libraries in Windows Applications Current Activity (Sep 10)
- Current Activity - Insecure Loading of Dynamic Link Libraries in Windows Applications Current Activity (Sep 16)
- Current Activity - Insecure Loading of Dynamic Link Libraries in Windows Applications Current Activity (Oct 20)