Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: DLL hijacking with Autorun on a USB drive

From: Valdis.Kletnieks () vt edu
Date: Fri, 27 Aug 2010 01:05:05 -0400
On Thu, 26 Aug 2010 20:39:04 PDT, Dan Kaminsky said:


There may very well be a legitimate boundary cross from this DLL  
stuff, but we haven't seen it yet. All the present stuff has the  
indelible mark of a false boundary, in that no fix can be imagined  
that actually closes the vector.


Oh you're wrong there Dan.  I can imagine fixes that would close the
vector (starting with fixes that impose a legitimate enforcable boundary).

Fixes that will be accepted by Joe Sixpack? I think we saw where UAC ended up. :)

Attachment: _bin
Description: 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: