August 19, 2010

Researcher: Code-execution bug affects 200 Windows apps

I just got back from my annual week at the the beach and came across this news:

About 200 Windows applications are vulnerable to remote code-execution attacks that exploit a bug in the way the programs load binary files for the Microsoft operating system, a security researcher said Thursday.
The critical vulnerability, which has already been patched in Apple's iTunes media player for Windows and VMware Tools, will be especially challenging to fix, because each application will ultimately need to receive its own patch, Mitja Kolesk, CEO of application security consultancy Acros Security, told The Register.
This remind me of problems in the past such as the GDI+ problems from years past and other situations where maybe you deployed a DLL privately, via a Merge Module ( that you must service but who knows if the vendor will provide an update ) or perhaps even a statically linked C++ library that has a problem.

Anyways, does anyone know which library is the problem here? I haven't actually found any public disclosure at this level yet but I'll be sure to update this blog if I do.

1 comment:

  1. your own lib :-)

    Thi is Microsofts by-design error,
    keywords:
    Search Path, Load Library... DLL hijacking

    Vendors must use FQPNs and take care of loading the correct library

    ReplyDelete