[Full-disclosure] DLL hijacking with Autorun on a USB drive
Valdis.Kletnieks at vt.edu
Fri Aug 27 06:05:05 BST 2010
On Thu, 26 Aug 2010 20:39:04 PDT, Dan Kaminsky said:
> There may very well be a legitimate boundary cross from this DLL
> stuff, but we haven't seen it yet. All the present stuff has the
> indelible mark of a false boundary, in that no fix can be imagined
> that actually closes the vector.
Oh you're wrong there Dan. I can imagine fixes that would close the
vector (starting with fixes that impose a legitimate enforceable boundary).
Fixes that will be accepted by Joe Sixpack? I think we saw where UAC ended up. :)
Full-Disclosure is hosted and sponsored by Secunia.