There are updates today for the MS .dll hacking problem for almost everything. I got the following programs needing the update:

Firefox
Seamonkey
Thunderbird
Skype
Chrome

There may be more programs needing the update, so check them.

--
Alias

alias gets desperate...again!...LOL!

On 9/8/2010 91 AM, Alias wrote:
> There are updates today for the MS .dll hacking problem for almost
> everything. I got the following programs needing the update:
>
> Firefox
> Seamonkey
> Thunderbird
> Skype
> Chrome
>
> There may be more programs needing the update, so check them.
>

hehehe...getting really desperate huh?...LOL!

Alias wrote:
> There are updates today for the MS .dll hacking problem for almost
> everything. I got the following programs needing the update:
>
> Firefox
> Seamonkey
> Thunderbird
> Skype
> Chrome
>
> There may be more programs needing the update, so check them.
>

Looks like a regular release.

https://wiki.mozilla.org/Releases/Firefox_3.6.9

List of security fixes.

http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.9

If you look at the wording on this one, it's a shortcoming of the coding on Firefox, rather than being a flat out Windows issue.

"Windows XP DLL loading vulnerability"
http://www.mozilla.org/security/announce/2010/mfsa2010-52.html

"Firefox attempts to load dwmapi.dll upon startup as part of its platform detection, so on systems that don't have this library, such as Windows XP, Firefox will subsequently attempt to load the library from the current working directory. An attacker could use this vulnerability to trick a user into downloading a HTML file and a malicious copy of dwmapi.dll into the same directory on their computer and opening the HTML file with Firefox, thus causing the malicious code to be executed.

If the attacker was on the same network as the victim, the malicious DLL could also be loaded via a UNC path. The attack also requires that Firefox not currently be running when it is asked to open the HTML file and accompanying DLL."

Note: Firefox users on Windows versions earlier than Vista <---- later than ??? were not vulnerable to this attack because dwmapi.dll legitimately exists in Vista and later versions and is successfully loaded by Firefox before attempting to load the planted DLL."

What that note doesn't explain, is for the Windows XP users this does apply to, how is Firefox downloading into the same directory as the executable ? My download folder is just a download folder. The place HTML files are downloaded, isn't the same place as the rest of the install directory, as far as I know. It would take some outright cleverness on the part of the user, to set the download directory so it was the same as the executable folder used by Firefox. Presumably, there are path loading rules, that prevent a tool from taking code from just anywhere.

So this one strikes me, as being "a stretch". You have to go out of your way, to be vulnerable. And also, since this *is* a Windows 7 group, the Firefox bug doesn't apply to Windows 7. If you wanted to be sure, and you're on Windows 7, search your C: drive for dwmapi.dll and see if there is a copy already there that Firefox would be loading.

*******

With regard to Skype, do they have release notes of any merit ? I couldn't find anything interesting there.

HTH
Paul

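Added example, not part of the thread or of Mozilla's advisory: a small Python model of the documented Windows search order for a DLL requested by bare name, showing why the advisory speaks of the current working directory rather than the install directory. The folder layout is constructed, the function and parameter names are hypothetical, and it assumes the browser is started with the HTML file's folder as its working directory; cwd_removed models an application that has called SetDllDirectory("").

```python
import os
import tempfile

def search_order(app_dir, system_dirs, cwd, path_dirs, safe_mode=True, cwd_removed=False):
    """Directories consulted, in order, for a DLL requested by bare name."""
    order = [app_dir]                      # 1. directory the executable was loaded from
    if not safe_mode and not cwd_removed:
        order.append(cwd)                  # legacy order: CWD right after the app directory
    order.extend(system_dirs)              # System32, then the Windows directory
    if safe_mode and not cwd_removed:
        order.append(cwd)                  # safe search mode: CWD after the system directories
    order.extend(path_dirs)                # finally, each directory on PATH
    return order

def resolve(dll, **kw):
    """Return the first directory in the search order that contains `dll`, else None."""
    for d in search_order(**kw):
        if os.path.isfile(os.path.join(d, dll)):
            return d
    return None

def build_demo(root, system_has_dll):
    """Constructed layout: install dir, system dirs, and a download folder."""
    dirs = {n: os.path.join(root, n) for n in ("app", "system32", "windows", "downloads")}
    for d in dirs.values():
        os.makedirs(d)
    # The download folder holds the HTML file and an (empty) stand-in for the planted DLL.
    for name in ("page.html", "dwmapi.dll"):
        open(os.path.join(dirs["downloads"], name), "w").close()
    if system_has_dll:                     # Vista and later ship dwmapi.dll; XP does not
        open(os.path.join(dirs["system32"], "dwmapi.dll"), "w").close()
    return dirs

def demo(system_has_dll, cwd_removed=False):
    """Name of the folder dwmapi.dll would be loaded from, or None if it is not found."""
    with tempfile.TemporaryDirectory() as root:
        d = build_demo(root, system_has_dll)
        hit = resolve("dwmapi.dll", app_dir=d["app"],
                      system_dirs=[d["system32"], d["windows"]],
                      cwd=d["downloads"], path_dirs=[],   # assumption: CWD is the HTML file's folder
                      safe_mode=True, cwd_removed=cwd_removed)
        return os.path.basename(hit) if hit else None

if __name__ == "__main__":
    print("XP-like, default search order :", demo(system_has_dll=False))
    print("Vista-like, default order     :", demo(system_has_dll=True))
    print("XP-like, CWD removed from path:", demo(system_has_dll=False, cwd_removed=True))
```
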
On 08/09/2010 171, Alias wrote:
> There are updates today for the MS .dll hacking problem for almost
> everything. I got the following programs needing the update:
>
> Firefox
> Seamonkey
> Thunderbird
> Skype
> Chrome
>
> There may be more programs needing the update, so check them.
>

Not sure whether Skype was just a dll update - it said it was a MAJOR update!

On 09/08/2010 08:00 PM, Gordon wrote:
> On 08/09/2010 171, Alias wrote:
>> There are updates today for the MS .dll hacking problem for almost
>> everything. I got the following programs needing the update:
>>
>> Firefox
>> Seamonkey
>> Thunderbird
>> Skype
>> Chrome
>>
>> There may be more programs needing the update, so check them.
>>
>
> Not sure whether Skype was just a dll update - it said it was a MAJOR
> update!

And you think it's a coincidence that all those apps updated today?

--
Alias

On 09/08/2010 074 PM, Paul wrote:
> Alias wrote:
>> There are updates today for the MS .dll hacking problem for almost
>> everything. I got the following programs needing the update:
>>
>> Firefox
>> Seamonkey
>> Thunderbird
>> Skype
>> Chrome
>>
>> There may be more programs needing the update, so check them.
>>
>
> Looks like a regular release.
>
> https://wiki.mozilla.org/Releases/Firefox_3.6.9
>
> List of security fixes.
>
> http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.9
>
>
> If you look at the wording on this one, it's a shortcoming of the
> coding on Firefox, rather than being a flat out Windows issue.
>
> "Windows XP DLL loading vulnerability"
> http://www.mozilla.org/security/announce/2010/mfsa2010-52.html
>
> "Firefox attempts to load dwmapi.dll upon startup as part of its
> platform detection, so on systems that don't have this library,
> such as Windows XP, Firefox will subsequently attempt to load
> the library from the current working directory. An attacker
> could use this vulnerability to trick a user into downloading
> a HTML file and a malicious copy of dwmapi.dll into the same
> directory on their computer and opening the HTML file with
> Firefox, thus causing the malicious code to be executed.
>
> If the attacker was on the same network as the victim, the
> malicious DLL could also be loaded via a UNC path. The attack
> also requires that Firefox not currently be running when it
> is asked to open the HTML file and accompanying DLL."
>
> Note: Firefox users on Windows versions earlier than Vista <---- later
> than ???
> were not vulnerable to this attack because dwmapi.dll
> legitimately exists in Vista and later versions and
> is successfully loaded by Firefox before attempting
> to load the planted DLL."
>
> What that note doesn't explain, is for the Windows XP users this
> does apply to, how is Firefox downloading into the same directory
> as the executable ? My download folder is just a download folder.
> The place HTML files are downloaded, isn't the same place as the
> rest of the install directory, as far as I know. It would take
> some outright cleverness on the part of the user, to set the
> download directory so it was the same as the executable folder used
> by Firefox. Presumably, there are path loading rules, that prevent
> a tool from taking code from just anywhere.
>
> So this one strikes me, as being "a stretch". You have to go
> out of your way, to be vulnerable. And also, since this *is* a
> Windows 7 group, the Firefox bug doesn't apply to Windows 7.
> If you wanted to be sure, and you're on Windows 7, search
> your C: drive for dwmapi.dll and see if there is a copy already
> there that Firefox would be loading.
>
> *******
>
> With regard to Skype, do they have release notes of any merit ?
> I couldn't find anything interesting there.
>
> HTH
> Paul

See http://www.computerworld.com/s/article/9184019/Mozilla_fixes_Firefox_s_DLL_load_hijacking_bug regarding Firefox's update to fix the .dll problem.

--
Alias

"Alias" <aka@masked&anonymous.com.¡nvalido> wrote in message news:i68jct$ln0$1@news.eternal-september.org...
> On 09/08/2010 08:00 PM, Gordon wrote:
>> On 08/09/2010 171, Alias wrote:
>>> There are updates today for the MS .dll hacking problem for almost
>>> everything. I got the following programs needing the update:
>>>
>>> Firefox
>>> Seamonkey
>>> Thunderbird
>>> Skype
>>> Chrome
>>>
>>> There may be more programs needing the update, so check them.
>>>
>>
>> Not sure whether Skype was just a dll update - it said it was a MAJOR
>> update!
>
> And you think it's a coincidence that all those apps updated today?
>
> --
> Alias

And you think it's a coincidence that almost NOBODY uses Ubuntu or Mint?