I think here is what we should do:
- the OpenSSL DLLs must be loaded only from the process folder of the ICS-based-our-code-exe
- before loading the DLLs, we must check for their presence in RAM and fire an exception in that case.

Regards,
SZ

On Sat, Sep 4, 2010 at 10:29 AM, Francois PIETTE <francois.pie...@skynet.be> wrote:
> Maybe you could carefully read that documentation and review ICS code to
> see if it needs some improvement. If improvement is needed, then propose some
> changes. Don't forget the golden rule: change in ICS must not break any
> existing code.
>
> --
> francois.pie...@overbyte.be
> The author of the freeware multi-tier middleware MidWare
> The author of the freeware Internet Component Suite (ICS)
> http://www.overbyte.be
>
>
> ----- Original Message -----
> From: "Zvone" <pha...@gmail.com>
> To: "ICS support mailing" <email@example.com>
> Sent: Saturday, September 04, 2010 1:45 AM
> Subject: [twsocket] New DLL hijacking vulnerability KB 2269637
>
>
>> It appears that this new vulnerability requires programs to adopt
>> secure DLL loading. As Microsoft says they can't fix the issue by
>> patching Windows as it would mess up a lot of programs so it is up to
>> programmers to fix it in their own programs.
>> This applies to all programs that load external libraries (DLL files)
>> one way or another - so it applies to ICS as well as it loads
>> SSLEAY32.DLL and other DLLs
>>
>> The solution is to load DLL files in a secure manner as described here:
>>
>> Dynamic-Link Library Security - how to load libraries securely:
>> http://msdn.microsoft.com/en-us/library/ff919712%28VS.85%29.aspx
>>
>> More info about this vulnerability:
>>
>> Microsoft Security Advisory (2269637):
>> http://www.microsoft.com/technet/security/advisory/2269637.mspx
>> http://www.f-secure.com/weblog/archives/00002018.html
>>
>> Google search on this issue:
>> http://www.google.com/search?q=KB+2269637
>> --
>> To unsubscribe or change your settings for TWSocket mailing list
>> please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
>> Visit our website at http://www.overbyte.be
>>
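
The two checks proposed at the top of this thread, written out as an added Delphi example; it is not ICS code and not from any poster. The unit name `SafeSslLoad`, the exception class `ESafeDllLoad` and the functions `ModulePath` and `LoadDllFromExeFolder` are hypothetical names chosen for illustration.

```delphi
unit SafeSslLoad; // hypothetical unit, not part of ICS

interface

uses
  Windows, SysUtils;

type
  ESafeDllLoad = class(Exception);

// DllName is a bare file name such as 'SSLEAY32.DLL'.
function LoadDllFromExeFolder(const DllName: string): HMODULE;

implementation

// Full path of a loaded module; Module = 0 means the running executable.
function ModulePath(Module: HMODULE): string;
var
  Buf: array[0..MAX_PATH] of Char;
begin
  SetString(Result, Buf, GetModuleFileName(Module, Buf, Length(Buf)));
end;

function LoadDllFromExeFolder(const DllName: string): HMODULE;
var
  Loaded: HMODULE;
  FullPath: string;
begin
  // A path component would let the caller escape the executable's folder.
  if (DllName = '') or (ExtractFileName(DllName) <> DllName) then
    raise ESafeDllLoad.CreateFmt('Bare DLL file name expected: "%s"', [DllName]);

  // Second point: a module of this name already mapped in the process was
  // loaded by someone else, from a location we did not choose.
  Loaded := GetModuleHandle(PChar(DllName));
  if Loaded <> 0 then
    raise ESafeDllLoad.CreateFmt('%s is already loaded from %s',
      [DllName, ModulePath(Loaded)]);

  // First point: a fully qualified path, so the DLL search order is not used.
  FullPath := ExtractFilePath(ModulePath(0)) + DllName;
  if not FileExists(FullPath) then
    raise ESafeDllLoad.CreateFmt('%s not found', [FullPath]);

  Result := LoadLibrary(PChar(FullPath));
  if Result = 0 then
    RaiseLastOSError;
end;

end.
```

The fully qualified path covers only the DLL named in the call; libraries that DLL imports are still resolved by the loader's normal search order.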