|
Full Disclosure
mailing list archives
Re: DLL hijacking with Autorun on a USB drive
From: Valdis.Kletnieks () vt edu
Date: Fri, 27 Aug 2010 01:51:36 -0400
On Fri, 27 Aug 2010 01:29:32 EDT, Dan Kaminsky said:
Again, let me emphasize. Really interesting vector, will probably end up
attached to an unambiguous flaw. But right now, we're just seeing flaws
along the lines of "Double clicking an icon in Explorer might execute
arbitrary code". It doesn't matter that that's true even if there's a
network share, or a USB stick. That's what Explorer *does*.
And as I said, a fix that starts off with "First thing we do is feed Explorer
to a pack of hungry dingos" won't fly with Joe Sixpack. ;)
Attachment:
_bin
Description:
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
(Thread continues...)
| 
