'Re: MS-ISAC Informational Bulletin: Windows Application Dynamic-Link Library Load Hijacking'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       patchmanagement
Subject:    Re: MS-ISAC Informational Bulletin: Windows Application Dynamic-Link Library Load Hijacking
From:       Emin <emin.atac () gmail ! com>
Date:       2010-08-27 19:26:06
Message-ID: AANLkTi=F2pGmdx=pK+zHymjb08ybm4NVWoNJAnLFGqii () mail ! gmail ! com
[Download RAW message or body]

You just forgot to mention that you first need to install the
KB2264107, reboot and then apply the registry changes below.

See http://support.microsoft.com/kb/2264107

On Fri, Aug 27, 2010 at 5:15 PM, Paul J Baratelli
<Paul.Baratelli@nerc.net> wrote:
> This is the solution my IT department implemented for this issue.
> 
> Example 1: How to disable loading DLLs from a WebDAV share for all applications \
> that are installed on your local computer 
> 1.     Log on to your computer as an administrator.
> 2.     Open Registry Editor.
> 3.     Locate and then click the following registry subkey: \
> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager 4.     \
> Right-click Session Manager, point to New, and then click Dword Value. 5.     Type \
> CWDIllegalInDllSearch, and then click Modify. 6.     In the Value data box, type 1, \
> and then click OK. 
> 
> Paul Baratelli
> North American Electric Reliability Corporation
> (609) 452-8060 - Work
> (609) 524-7044 - Work Direct Dial
> (609) 452-9550 - Fax
> (609) 915-2136 - Cell
> Paul.Baratelli@nerc.net
> 
> ---
> When posting or replying to messages on this list, please send all
> emails in plain text format.  HTML formatted messages will not be accepted.
> 
> PatchManagement.org is hosted by Shavlik Technologies
> 
> To unsubscribe send a blank email to leave-patchmanagement@patchmanagement.org
> If you are unable to unsubscribe via this email address, please email
> owner-patchmanagement@patchmanagement.org
> 
> 

---
When posting or replying to messages on this list, please send all
emails in plain text format.  HTML formatted messages will not be accepted.

PatchManagement.org is hosted by Shavlik Technologies

To unsubscribe send a blank email to leave-patchmanagement@patchmanagement.org
If you are unable to unsubscribe via this email address, please email
owner-patchmanagement@patchmanagement.org


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic