Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Windows DLL-loading security flaw puts Microsoft in a bind

25 Aug 2010   #1

Win 7 Ultimate 64-bit. SP1.
Windows DLL-loading security flaw puts Microsoft in a bind


Last week, HD Moore, creator of the Metasploit penetration testing suite, tweeted about a newly patched iTunes flaw. The tweet said that many other (unspecified) Windows applications were susceptible to the same issue—40 at the time, but probably hundreds.

The problem has been named, or rather, renamed, "Binary Planting," and it stems from an interaction between the way Windows loads DLLs and the way it handles the "current directory." Every program on Windows has a notion of a "current directory"; any attempt to load a file using a relative path (that is, a path that does not start with a drive letter or a UNC-style "\\server" name) looks in the current directory for the named file. This concept is pretty universal—Unix-like systems have the same, called a "working directory"—and it's a decades-old feature of operating systems.

Windows, again in common with other operating systems, has the ability to load DLLs at runtime, during the execution of a program.

Where Windows is different from other operating systems is that it combines these two features; when a program instructs Windows to load a DLL, Windows looks in several different places for the library, including the current directory. Critically, it searches the current directory before looking in more likely locations such as the System32 directory, where most system libraries reside.
Windows DLL-loading security flaw puts Microsoft in a bind

My System SpecsSystem Spec

 Windows DLL-loading security flaw puts Microsoft in a bind

Thread Tools

Similar help and support threads
Thread Forum
Microsoft, Adobe: PDF security flaw treatable
Read more: Microsoft, Adobe: PDF security flaw treatable | Security - CNET News
Free Microsoft Security Tool Kills Worm Targeting Critical Windows Flaw
Microsoft has updated the Malicious Software Removal Tool, a free security tool the company is offering Windows users to fight specific malware, in order to defend themselves agaist a prevalent worm that targets a Critical Windows vulnerability. Back in October 2008, the Redmond company made...
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 08:33.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App