Steve Dower, Thanks for sharing this with us.
Any workaround to mitigate this? Cheers, Marlon Petry On Tue, Jan 28, 2020, 23:48 Steve Dower <steve.do...@python.org> wrote: > A DLL hijacking vulnerability has been discovered in CPython 3.6, 3.7 > and 3.8 when running on Windows 7 or earlier. > > An attacker who is able to place a DLL "api-ms-win-core-path-l1-1-0.dll" > earlier on the DLL search path than the System32 directory could cause > their file to be loaded and executed at interpreter startup instead of > the system one. > > Prior to Windows 7, this file does not exist and may be placed anywhere > on the search path. After Windows 7, the DLL is loaded directly from its > API set and not using the search path. Only Windows 7 is impacted. > > Patches to ensure that only the System32 copy of the file is loaded are > linked from the bug page below. The next release of each version > (3.6.11, 3.7.7, 3.8.2) will include the fixes. Python 3.9 does not > support Windows 7, and so is unimpacted. > > Note that this attack will likely work against other applications on > Windows 7, and it is not unique to CPython. Upgrading to a supported > operating system is recommended. > > CVE page: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8315 > Bug page: https://bugs.python.org/issue39401 > > Cheers, > Steve Dower and the Python Security Response Team > _______________________________________________ > Security-announce mailing list -- security-annou...@python.org > To unsubscribe send an email to security-announce-le...@python.org > https://mail.python.org/mailman3/lists/security-announce.python.org/ >
_______________________________________________ Security-SIG mailing list -- security-sig@python.org To unsubscribe send an email to security-sig-le...@python.org https://mail.python.org/mailman3/lists/security-sig.python.org/
