DLL hijacking problem

Corinna Vinschen corinna-cygwin@cygwin.com
Fri Aug 27 13:16:00 GMT 2010


Hi,

This DLL hijacking problem goes from simmering to boiling pretty fast
right now:
http://www.microsoft.com/technet/security/advisory/2269637.mspx
The exploit DB has been filling rapidly in the last couple of days:
http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=DLL+Hijacking&filter_author=&filter_platform=0&filter_type=0&filter_port=&filter_osvdb=&filter_cve=

Given
http://msdn.microsoft.com/en-us/library/ff919712%28VS.85%29.aspx

I propose to change all calls to

  LoadLibrary ("any-Win32-system.dll")

to (basically) 

  GetSystemDirectory (path);
  strcat (path, "\\any-Win32-system.dll");
  LoadLibrary (path);

Or does anybody think this is overreacting?


Thanks,
Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat
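
Added example, not part of the original message or of Cygwin's own code: a bounds-checked C version of the change proposed above, which checks the GetSystemDirectory return value and accepts only a bare DLL file name before calling LoadLibrary. The names build_system_dll_path and load_system_dll are hypothetical; the path-building part is portable, and the Win32 calls are compiled only on Windows.

```c
/* Added example: bounds-checked form of the GetSystemDirectory + LoadLibrary
   sketch. build_system_dll_path() and load_system_dll() are hypothetical names. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#ifdef _WIN32
#include <windows.h>
#endif

/* Join the system directory and a bare DLL file name into out.
   Returns 0 on success, -1 if the name is not a bare file name or the
   result does not fit in outlen bytes. */
int build_system_dll_path(const char *sysdir, const char *dll,
                          char *out, size_t outlen)
{
    size_t dlen = strlen(sysdir);
    int n;

    /* Reject empty input and any name carrying a directory or drive part,
       which would let the caller's string steer the load elsewhere. */
    if (dlen == 0 || dll[0] == '\0' || strpbrk(dll, "\\/:") != NULL)
        return -1;
    /* GetSystemDirectory omits the trailing backslash unless the system
       directory is a drive root, so add one only when it is missing. */
    n = snprintf(out, outlen, "%s%s%s", sysdir,
                 sysdir[dlen - 1] == '\\' ? "" : "\\", dll);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

#ifdef _WIN32
/* Load a Win32 system DLL by absolute path; NULL on any failure. */
HMODULE load_system_dll(const char *dll)
{
    char sysdir[MAX_PATH], path[MAX_PATH];
    UINT len = GetSystemDirectoryA(sysdir, sizeof sysdir);

    /* 0 means the call failed; a value >= the buffer size means the
       directory did not fit and sysdir must not be used. */
    if (len == 0 || len >= sizeof sysdir)
        return NULL;
    if (build_system_dll_path(sysdir, dll, path, sizeof path) != 0)
        return NULL;
    return LoadLibraryA(path);
}
#endif
```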
