Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Windows DLL bug hits dozens of apps

27 Aug 2010   #11

Windows 7 & Windows Vista Ultimate

There is the download in KB 2264107. Perhaps it will be rolled in to a SP. However, I am thinking that Microsoft may only be able to address Microsoft products because I gather the details may vary from application to application. Thus, I gather this is not just a Microsoft issue.

My System SpecsSystem Spec
31 Aug 2010   #12

Windows 7 & Windows Vista Ultimate
Update on Security Advisory 2269673

(Cross-posting due to multiple topics on this issue.)

As described in the Security, Research & Defense blog (linked below), the following would need to occur in order to be exploited:
"this class of vulnerabilities could allow malicious code to run if an attacker can convince a victim to do the following:
  • Browse to a malicious, untrusted WebDAV server in the Internet Zone; and
  • Double-click a file that appears by its extension and icon to be safe"
Microsoft plans to address the Microsoft products affected by this issue, primarily be in the form of security updates or defense-in-depth updates. However, as to third-party products, it is up to those vendors to provide patches for their affected software, which may take some time or, as Jerry Bryant indicated, may not be possible. As a result, the Microsoft Fix it Team has developed a Fix it solution to enable the Microsoft-recommended setting which blocks most network-based vectors.

Microsoft Fix it 50522 Steps:
  1. Download and then install update 2264107, available from the bottom of the page at KB 2264107.
  2. From the same page, click the Fix it button or link under the Enable this fix it heading. Click Run in the File Download dialog box, and then follow the steps in the fix it wizard.

    The Fix it solution will deploy the registry entry that is needed to block nonsecure DLL loads from WebDAV and SMB locations.
Note: The tool is limited to protecting against DLL preloading only and does not protect against .exe files that do not properly load files via a fully qualified path. As stated previously, the software vendors will be required to update those applications accordingly.

My System SpecsSystem Spec

 Windows DLL bug hits dozens of apps

Thread Tools

Similar help and support threads
Thread Forum
Dozens of BSOD's
Ever since I first got this computer I've been getting multiple BSOD's. I purchased this computer from CyberPower PC and about a week into playing around with it I got my first BSOD. Now what I should have done is shipped it back to CyberPower, but I didn't because I am stubborn and I wanted to...
BSOD Help and Support
Pre-release Windows 8 code hits PC makers
Pre-release Windows 8 code hits PC makers Microsoft prepping IE 10, already? Source ...
Windows 7 hits RTM
Microsoft today announced that Windows 7 and Windows Server 2008 R2 have hit the Release to Manufacturing (RTM) milestone. The software giant still has a lot of work to do, but the bigger responsibility now falls to OEMs that must get PCs ready, Independent Software Vendors (ISVs) that are testing...
Windows 7 Hits a New Low
Windows 7 Hits a New Low No not its expectation or usage but its lowest boot specification!!! Screenshots below: 128 MB memory

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 23:45.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App