+1, M$ has documented the right way of doing it, it's the developers of the software that is vulnerable that are the main culprit.
Doesn't mean that we aren't going to live a lot of pain from this one.... Just another issue on the pile to deal with. Glad I got a HIPS around the workstations, which mitigates the threat accordingly.

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:[email protected]
Cell:401-639-3505

-----Original Message-----
From: Michael B. Smith [mailto:[email protected]]
Sent: Thursday, August 26, 2010 9:57 AM
To: NT System Admin Issues
Subject: RE: Insecure Library Loading Vulnerability

I can't go along with you here.

This has been documented as an issue -- for decades -- and MSFT has told people how to do it right -- for decades.

Don't blame MSFT as a company for people (including some internal programmers!) for not following safe programming recommendations.

Changing this behavior removes functionality that MAY BE DESIRABLE. Just not in every situation.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

-----Original Message-----
From: Ben Scott [mailto:[email protected]]
Sent: Thursday, August 26, 2010 9:46 AM
To: NT System Admin Issues
Subject: Re: Insecure Library Loading Vulnerability

On Thu, Aug 26, 2010 at 9:08 AM, Steven M. Caesare <[email protected]> wrote:
> For all of the bashing MS gets, I think it's good to see that
> internally the security teams take the vuln notifications seriously
> and were diligent in cooperating...

Seriously? As I mentioned earlier, Microsoft's software has been criticized for its search path behavior for literally decades. MS-DOS had this problem and people pointed it out. Microsoft waited until this started to be seriously attacked before doing anything about it. They deserve condemnation on this one, not praise.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
