I think that depends if its installed and on how the setting is configured. Some environments are going to require DLLs to be loaded from remote shares, others not. This isnt a 'patch' to a software security flaw, its a security setting. Im guessing the default configuration maybe messing around with the mentioned PoC, that was my only point.
On Thu, Sep 2, 2010 at 11:08 AM, Christian Sciberras <[email protected]> wrote: > Uh, what I was asking, is, with this patch in place, the issue is fixed, > forever? > > Cheers, > Chris. > > On Thu, Sep 2, 2010 at 11:07 AM, Darren McDonald <[email protected]> > wrote: >> >> We're not, Microsoft have decided to make it the system administrators >> problem through this registry setting. Which is fair enough IMO :) >> >> On Thu, Sep 2, 2010 at 11:03 AM, Christian Sciberras <[email protected]> >> wrote: >> > Thanks Darren, that was very enlightening. >> > Considering those facts, where are we at in fixing this whole issue? >> > >> > Cheers, >> > Chris. >> > >> > >> > >> > >> > >> > On Thu, Sep 2, 2010 at 10:37 AM, Darren McDonald <[email protected]> >> > wrote: >> >> >> >> http://support.microsoft.com/kb/2264107 >> >> >> >> On Thu, Sep 2, 2010 at 10:30 AM, Christian Sciberras >> >> <[email protected]> >> >> wrote: >> >> > As I said above, it was tested on Windows 7 64bit. >> >> > As to the dll as far as I know, I'm not sure about that, however, it >> >> > should >> >> > be an easy matter of checking the binary file. >> >> > Currently, I'm not on a terminal which I can do that, though. >> >> > >> >> > Cheers, >> >> > Chris. >> >> > >> >> > >> >> > 2010/9/2 YGN Ethical Hacker Group <[email protected]> >> >> >> >> >> >> Is your Windows 7 64-bit ? >> >> >> Your DLL is 64-bit compatible? >> >> > >> >> > >> >> > _______________________________________________ >> >> > Full-Disclosure - We believe in it. >> >> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> >> > Hosted and sponsored by Secunia - http://secunia.com/ >> >> > >> >> >> >> _______________________________________________ >> >> Full-Disclosure - We believe in it. >> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> >> Hosted and sponsored by Secunia - http://secunia.com/ >> > >> > > > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
