[Owasp-singapore] Firefox, uTorrent, and PowerPoint hit by Windows DLL bug. - Plenty more where that came from

Wong Onn Chee ocwong at usa.net
Thu Aug 26 00:17:41 EDT 2010


"Microsoft said on Monday that the flaw stems from applications that
don't explicitly state the full path name of DLL files and other
binaries associated with the program. As a result, *each application
will have to be patched separately*, rather than there being a single
Windows update."

Wow! God bless all Windows security administrators.

A reminder - this is not a Microsoft vulnerability (pending more info on
claims of "affected" MS software).

Guess our fellow Windows admins will be busy patching all the 3rd-party
Windows apps till end of the year.

All thanks to poor coding practices.


Sign.... :-(


Best Regards
Onn Chee

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/owasp-singapore/attachments/20100826/6dbfa532/attachment.html 

More information about the Owasp-singapore mailing list