Dynamic Link Library

Win32k.sys: A Patched Stuxnet Exploit

…we also indicated in that paper that there are two Elevation of Privilege (EoP) vulnerabilities that we chose not to describe while patches were pending. One of these has now been patched, so we’re now able to publish some of the information we have on it. (When the other vulnerability has been patched, we plan to update the Stuxnet paper with information on both issues.)

DLL loading vulnerability

Scarcely had we got our breath back mainly after Microsoft addressed a serious vulnerability in handling .LNK (shortcut) files, before researcher HD Moore made public a serious security failure in the dynamic loading of libraries in Windows that came to light when he was investigating the .LNK issue.

Follow us

Copyright © 2016 ESET, All Rights Reserved.