|
Full Disclosure
mailing list archives
Re: DLL hijacking with Autorun on a USB drive
From: paul.szabo () sydney edu au
Date: Fri, 27 Aug 2010 14:30:33 +1000
Dan Kaminsky <dan () doxpara com> wrote:
Instead of it executing "wab.exe (Windows Address Book) and open the
file test.vcf", one can directly get any .exe file open.
Users have shown themselves very willing to open up test.vcf.exe.
Or for that matter, test, which is actually an exe with the icon of a
vcf. Thus the problem with all this chortling about foolish
applications: the desktop simply does not possess the security model
of the browser or the email client.
Badly setup desktops: do not "hide extensions", maybe view details (or
list) not icons.
Cheers, Paul
Paul Szabo psz () maths usyd edu au http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics University of Sydney Australia
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
(Thread continues...)
| 
