"Thor (Hammer of God)" <t...@hammerofgod.com> wrote: Would you mind to break the lines of your posts near column 70?
>>From your blog: [ ... ] > I would say "our self-serving and marketing-oriented minds remain > challenged to understand what security really is, but regardless, > continue to find ways of trying to convince people this represents > an actual security threat. In the end, it was our research that > falsely created security concerns and confusion where time was > better spent really doing just about anything else, but it would > have been a missed opportunity to get our names in the media to > sell our security services." While I agree with you that the threat from Microsoft's implicit DLL and EXE search/load order which includes . is old and well-known: should Microsoft NOT fix their products? One of the first MS bulletins that acknowledge this problem is MS00-052; cf <http://support.microsoft.com/kb/269049> | CAUSE: This issue can occur when you start a program by using a | registry key if the entry does not specify an absolute path. | Without a complete path, a standard path search order is followed. At least after that bulletin I'd expect a company with some reputation to do their homework, check all the references to executables in the registry (and elsewhere too) for incomplete paths (Windows XP SP3 has about 3000 in the registry alone, Windows 7 Professional x86 about 4500) and fix them all. JFTR: the path of every (system) file in Windows is well-known, it's absolutely no problem to always use a fully-qualified path. It but is sloppy coding practice, poor software engineering and even poorer QA and a true sign of "we dont care" that Microsoft did not fix those simple errors. But how did they fix MS00-052: they left the incomplete path in the registry and patched the binaries which evaluate it to modify their search/load order. WTF? About a year after MS00-052 Microsoft introduced "SafeDLLSearchMode" and documented "StartRunNoHOMEPATH": cf <http://support.microsoft.com/kb/306850> Only 4 more years later Microsoft encountered the same problem on Windows XP and 2003 too and introduced "SafeProcessSearchMode": cf <http://support.microsoft.com/kb/905890> JFTR: in Windows 7 SP1 both "Safe*SearchMode" registry entries are NOT present! Remember that Microsoft started their "trustworthy computing" initiative in 2001, it's first outcome was SP2 of Windows XP in 2004. Another 4 years later came MS09-015 "blended threat vulnerability in SearchPath ...", cf <http://support.microsoft.com/kb/959426> And still Microsoft did NOTHING to eliminate the root cause of this problem! Stefan _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/