On Tue, Aug 24, 2010 at 6:40 PM, Carl Houseman <[email protected]> wrote: > As regards SafeDLLSearchMode, it does not guarantee mitigation, because an > application can try to load a .dll that isn't in any of the locations before > reaching the CWD. I would imagine there are plenty of applications that > might attempt to load a user-provided .dll containing custom code.
From experience looking for other problems with ProcMon, I can say that many processes try to load all sorts of DLLs which aren't there. Presumably features they support but do not depend on. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
