[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Breaking The SetDllDirectory Protection Against Binary Planting

An old unfixed Windows functional bug was just upgraded to a security bug. Our
researchers have discovered that Windows' inability to consistently expand
environment variables in user and system PATH breaks the binary planting protection
provided by the SetDllDirectory function. The article describes how already fixed
iTunes and Safari - both using SetDllDirectory - can again be successfully
binary-planted due to this bug. This time it's not Apple's fault.


Pleasant reading,

Mitja Kolsek

ACROS, d.o.o.
Makedonska ulica 113
SI - 2000 Maribor, Slovenia
tel: +386 2 3000 280
fax: +386 2 3000 282
web: http://www.acrossecurity.com

ACROS Security: Finding Your Digital Vulnerabilities Before Others Do