Posted by Virus Bulletin on Sep 1, 2010
Earlier workaround believed to be too complex for most users.
A week after Microsoft released a fix for a DLL vulnerability that affected a large number of programs running on its operating systems, it has released a second fix for the same problem.
DLLs (Dynamic Link Libraries), which contain commonly used functions, are essential to most programs running on Windows operating systems. When a program needs a certain library but doesn't specify its location, Windows looks for libraries in certain places, including the user directory.
By changing this user directory to something it controls and by storing a malicious version of the library there, a piece of malware can make otherwise harmless programs use part of these malicious libraries. Programs that are vulnerable to this kind of attack include Microsoft Office Powerpoint 2007, Skype and Opera.
While software developers are working hard to fix their programs, Microsoft released a workaround last week which prevented insecure DLLs from loading from remote and local file sharing locations. However, the fix meant the user had to make some manual changes to the registry, which can cause harm if not done correctly. Home users in particular were put off by this. The new fix does not have this problem.
More can be found at the blog of security journalist Brian Krebs here, where there is also an explanation of how to apply the fix.
Posted on 01 September 2010 by Virus Bulletin
