Re: [Full-disclosure] DLL hijacking POC (failed, see for yourself)



Uh, what I was asking, is, with this patch in place, the issue is fixed,
forever?

Cheers,
Chris.

On Thu, Sep 2, 2010 at 11:07 AM, Darren McDonald <darren@xxxxxxxxxxxxx>wrote:

We're not, Microsoft have decided to make it the system administrators
problem through this registry setting. Which is fair enough IMO :)

On Thu, Sep 2, 2010 at 11:03 AM, Christian Sciberras <uuf6429@xxxxxxxxx>
wrote:
Thanks Darren, that was very enlightening.
Considering those facts, where are we at in fixing this whole issue?

Cheers,
Chris.





On Thu, Sep 2, 2010 at 10:37 AM, Darren McDonald <athena@xxxxxxxxxxxxx>
wrote:

http://support.microsoft.com/kb/2264107

On Thu, Sep 2, 2010 at 10:30 AM, Christian Sciberras <uuf6429@xxxxxxxxx

wrote:
As I said above, it was tested on Windows 7 64bit.
As to the dll as far as I know, I'm not sure about that, however, it
should
be an easy matter of checking the binary file.
Currently, I'm not on a terminal which I can do that, though.

Cheers,
Chris.


2010/9/2 YGN Ethical Hacker Group <lists@xxxxxxxx>

Is your Windows 7 64-bit ?
Your DLL is 64-bit compatible?


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/