Posted on 02/08/2016 6:41:43 PM PST by Utilizer
Oracle has released new Java installers to fix a well-known security issue (CVE-2016-0603) that also affects a plethora of other applications, from Web browsers to antivirus products, and from file compressors to home cinema software.
The problem is called DLL hijacking (or DLL side-loading) and refers to the fact that malware authors can place DLLs of the same name in specific locations on the target's filesystem and have it inadvertently load the malicious DLL instead of the safe one.
DLL hijacking is a very well-known issue
This type of attack is very old and has been known to many software vendors, and especially to malware authors, who sometimes prefer it because it allows them to hijack legitimate applications and not to rely on convincing users to double-click and execute their own malicious binary.
If you've been keeping an eye on infosec sites like Packet Storm, SecLists, or Security Focus, German security researcher Stefan Kanthak has been quite busy testing the installers of various software products against this vulnerability.
Here's a short (probably incomplete) list of applications that he found vulnerable to this attack: Firefox, Google Chrome, Adobe Reader, 7Zip, WinRAR, OpenOffice, VLC Media Player, Nmap, Python, TrueCrypt, and Apple iTunes.
(Excerpt) Read more at news.softpedia.com ...
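A defender-side check for the name collision the excerpt describes, added here as an example and not taken from the article or from Oracle: it lists DLLs in a folder that share a name with a DLL in the system directory, relying on the fact that Windows by default searches the application's own folder before the system directories for DLLs that are not on the KnownDLLs list. The function names, directory layout and sample files are constructed for illustration.

```python
import tempfile
from pathlib import Path


def dll_names(directory):
    """Return {lowercased name: path} for DLL files directly inside directory."""
    return {
        p.name.lower(): p
        for p in Path(directory).iterdir()
        if p.is_file() and p.suffix.lower() == ".dll"
    }


def find_shadowing_dlls(app_dir, system_dir):
    """List DLLs in app_dir that share a name with a DLL in system_dir.

    Windows file names are case-insensitive, so names are compared lowercased.
    A hit is a lead for review, not proof: some applications ship private
    copies of libraries on purpose.
    """
    system = dll_names(system_dir)
    local = dll_names(app_dir)
    return sorted(str(path) for name, path in local.items() if name in system)


def demo():
    """Run the check against constructed directories (no real system files)."""
    with tempfile.TemporaryDirectory() as root:
        system_dir = Path(root, "System32")   # stand-in for the real system directory
        app_dir = Path(root, "Downloads")     # hypothetical folder an installer runs from
        system_dir.mkdir()
        app_dir.mkdir()
        for name in ("version.dll", "uxtheme.dll"):   # constructed sample files
            (system_dir / name).write_bytes(b"")
        (app_dir / "setup.exe").write_bytes(b"")
        (app_dir / "VERSION.dll").write_bytes(b"")       # same name, different case
        (app_dir / "vendor_codec.dll").write_bytes(b"")  # no system counterpart
        return [Path(p).name for p in find_shadowing_dlls(app_dir, system_dir)]


if __name__ == "__main__":
    print(demo())
```

On a real machine, `find_shadowing_dlls` would be pointed at the folder installers are run from and at the actual system directory.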
You can set your build to compile the library in, therefore not loading the DLL.
Or you can load the instance yourself specifically, thereby avoiding any DLL that might be in memory.
Personally, I prefer the first method.
What can we computer idiots running Chrome do to avoid problems?
Grrrr......makes me so mad.
Wait, what is this article about ?
I thought that’s what the registry was for?
In a nutshell, only download install programs from trusted sources such as sourceforge.net, and adobe, microsoft, google and known Linux Stable sites (among others).
MAKE BACKUPS.
Not the same thing.
M$ uses DLLs to hijack your PC.
Then just delete all the DLLs. Problem solved.
Linux doesn’t use DLLs. The equivalent in Linux/Unix are .os libraries. Which version gets loaded may depend on what is hardcoded in the executable, or it may search the LD_LIBRARY_PATH environment variable.
The ‘doze platform uses many .dll files in its programs. It does not need simply those to access a PC but at least before Win10 you could block access. Not the same .dll ‘s that are used in the applications mentioned.
No kidding. Unless you use something like WINE which does indeed use them.
How hard is it to separate the core OS and applications from the damn internet? No web browser should be allowed to touch the OS root directory or program directory. I don’t care if that means the end of browser mods.
Not sure if you meant to reply to this thread actually, but here:
http://freerepublic.com/focus/f-chat/3394418/posts
is one more applicable to your comment, should you care to join in.
Make sure to check frequently for updates and security fixes. There will always be computer vulnerabilities. You just have to stay on top of it. Don’t go to dodgy websites. Don’t load programs from questionable sources. Make sure your computer patches are up to date. Ad blockers can also prevent infected ads from loading malware on your computer.
I thought the registry registered DLLs with strong names so DLLs with the same short names wouldn’t get intermixed.
The company I work at recently had a network server get infected with ransomware. Here is part of the letter from the crooks.
More information about the encryption keys using RSA-4096 can be found here: http://en.wikipedia.org/wiki/RSA_(cryptosystem)
How did this happen ?
!!! Specially for your PC was generated personal RSA-4096 KEY, both public and private.
!!! ALL YOUR FILES were encrypted with the public key, which has been transferred to your computer via the Internet.
Decrypting of your files is only possible with the help of the private key and decrypt program, which is on our secret server.
What do I do ?
So, there are two ways you can choose: wait for a miracle and get your price doubled, or start obtaining BITCOIN NOW! , and restore your data easy way.
If You have really valuable data, you better not waste your time, because there is no other way to get your files, except make a payment.
For more specific instructions, please visit your personal home page, there are a few different addresses pointing to your page below:
When you say that, do you mean for my Windows 8.1 operating system or my Chrome browser?
All of them. Keep Windows patches up to date. Keep individual software packages up to date. Each can have separate vulnerabilities.