diTii.com Digital News Hub

Sign up with your email address to be the first to know about latest news and more.

I agree to have my personal information transfered to MailChimp (more information)

Aug312010

DLL-preloading Remote Attack Vector coming To Windows Server Update Services (WSUS)

Last week, Microsoft released SA 2269637 notifying customers of a publicly disclosed remote attack vector to a class of vulnerabilities affecting apps that load dynamic-link libraries (DLL’s) in an insecure manner. And, also released a tool to help protect systems by disallowing unsafe DLL-loading behavior. When installed, this tool still needs to be configured in order to block malicious behavior, as a result, SRD team has written a detailed post on this topic and has worked with Microsoft Fix-it team to develop a Fix-it to enable recommended setting which blocks most network-based attack vectors. Note the above tool needs to be installed prior to enabling Fix-it.

Microsoft is also working with Windows Update team to add it to WU catalog to make it easier to deploy via WSUS.

For Detailed Instructions: An update on the DLL-preloading remote attack vector

Share This Story, Choose Your Platform!

Get Latest News

Subscribe to Digital News Hub

Get our daily newsletter about the latest news in the industry.
First Name
Last Name
Email address
Secure and Spam free...