Yes, there is. If you understand the nature of the vulnerability, that is.
Because of the way the search path works you can hijack a missing DLL for any application. Now, you have a way to prevent that from being exploited remotely. *ASB *(My XeeSM Profile) <http://XeeSM.com/AndrewBaker> *Exploiting Technology for Business Advantage...* * * Signature powered by WiseStamp <http://www.wisestamp.com/email-install> On Tue, Aug 24, 2010 at 10:00 AM, HELP_PC <[email protected]> wrote: > You mean there isn't. > And workarounds on KB 2269637 are really idiot > > *GuidoElia* > *HELPPC* > > > ------------------------------ > *Da:* Andrew S. Baker [mailto:[email protected]] > *Inviato:* martedì 24 agosto 2010 15.41 > *A:* NT System Admin Issues > *Oggetto:* DLL hijacking vulnerabilities > > There is now an Microsoft-supplied workaround for the DLL vulnerability > that was publicized below: > > > http://www.computerworld.com/s/article/9180978/Zero_day_Windows_bug_problem_worse_than_first_thought_says_expert > > > > See the following: > > > > *DLL hijacking vulnerabilities* > > https://isc.sans.edu/diary.html?storyid=9445 > > > > *Insecure Library Loading Could Allow Remote Code Execution* > > http://www.microsoft.com/technet/security/advisory/2269637.mspx > > > > *More information about the DLL Preloading remote attack vector* > > > http://blogs.technet.com/b/srd/archive/2010/08/23/more-information-about-dll-preloading-remote-attack-vector.aspx > > > > *A new CWDIllegalInDllSearch registry entry is available to control the > DLL search path algorithm* > > http://support.microsoft.com/kb/2264107 > > > > > *ASB *(My XeeSM Profile) <http://XeeSM.com/AndrewBaker> > *Exploiting Technology for Business Advantage...* > * * > > Signature powered by WiseStamp <http://www.wisestamp.com/email-install> > > > > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
