Scripps Employees Called 'Hackers' For Exposing Massive Security Flaw
Suspected PayPal Hackers Seek Deal To Stay Out Of Prison
Windows DLL exploit could cause problems, and there's no immediate fix available
I wouldn't worry too much though. As I said, it's a very old issue that hasn't been fixed in a long time. Basically, DLL files are libraries of functions. Most programs load a bunch of DLLs when they start-up, and if you can infect those DLLs -- or replace them with malicious counterparts -- then you can very easily hack the system. The problem is exacerbated by the fact that one DLL might call any number of other DLLs. Still, the problem remains that you have to get those bad DLLs onto the user's system, which isn't easy.
CNet has more information, direct from Microsoft:
As you can see, you and I aren't going to be fooled by this new attack vector -- but it might be worth telling your friends and family about it! This nasty little bug won't be going away for some time, and dozens of very popular Windows programs like Office 2007, µTorrent, and Firefox 3.6.8 are vulnerable."At this time, we encourage customers to review and apply the guidance in Security Advisory 2269637. Also, it should be noted that DLL planting requires significant user interaction and cannot be exploited by simply browsing to a web page. An attacker would have to convince a user to click a link to their SMB (Server Message Block) or WebDAV (Web-based Distributed Authoring and Versioning) share and then convince the user to open a file from that share which would trigger additional dialogs prompting the user to OK the action."
For further reading, here's a published example of how you might exploit iTunes on Windows. Offensive Security even has a video of the exploit in action! Again, don't worry too much -- just don't click any odd links from people you don't trust and you'll be fine.
Comments
3
Subscribe to commentsPatrick #2Aug 25th 2010 3:33PM
iTunes can't be used on Windows as an exploit vehicle, it was updated to not allow it. I love how so many blogs about this issue have tried to bring Apple into it in some way without noting that iTunes is not vulnerable.
JayenkaiAug 25th 2010 4:57PM
For you and I, maybe, but for everyone who bought a First Gen iPod Classic, there's a pretty darn good possibility they also have iTunes v0.00005 on their system to go with it.
Not everyone updates, and a whole great big pile of "none-techy" folk have older iTunes on their systems.
By referencing iTunes, you can quite happily say "Here's something that a lot of people might have on their system", and that'll get the news out a little better, assuming folk actually bother to warn their none-techy friends and family.. Or at the very least, do the update for them.
theampAug 25th 2010 5:00PM
So would disabling the WebDAV service prevent this exploit from working?