[Owasp-singapore] Firefox, uTorrent, and PowerPoint hit by Windows DLL bug. - Plenty more where that came from

Wong Onn Chee ocwong at usa.net
Thu Aug 26 00:17:41 EDT 2010


 http://www.theregister.co.uk/2010/08/24/windows_dll_casualties/

"Microsoft said on Monday that the flaw stems from applications that
don't explicitly state the full path name of DLL files and other
binaries associated with the program. As a result, *each application
will have to be patched separately*, rather than there being a single
Windows update."

Wow! God bless all Windows security administrators.

A reminder - this is not a Microsoft vulnerability (pending more info on
claims of "affected" MS software).

Guess our fellow Windows admins will be busy patching all the 3rd-party
Windows apps till end of the year.

All thanks to poor coding practices.

Again.

Sign.... :-(

-- 

Best Regards
Onn Chee

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/owasp-singapore/attachments/20100826/6dbfa532/attachment.html 


More information about the Owasp-singapore mailing list