Re: L0pht Security Advisory: Windows NT

From: Paul Ashton (paulat_private)
Date: Fri Feb 19 1999 - 03:23:44 PST

Next message: Larry W. Cashdollar: "Re: snap on AIX"

Previous message: John W. Temples: "Re: mSQL vulnerability."
Maybe in reply to: Dildog: "L0pht Security Advisory: Windows NT"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Dildog <dildogat_private> writes:
>                           L0pht Security Advisory

> ---
> Workarounds/Fixes:
> ---
>
>       I developed a patch for this security problem in the form of a
> Win32 Service program that can be installed by the Administrator of the
> system. It sets itself to run every time the system is started, and before
> the user has the opportunity to start a program, it adjusts the
> permissions of the DLL cache to something much safer.

Alternatively, you can set
HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\ProtectionMode=1
and reboot.


Paul

Next message: Larry W. Cashdollar: "Re: snap on AIX"
Previous message: John W. Temples: "Re: mSQL vulnerability."
Maybe in reply to: Dildog: "L0pht Security Advisory: Windows NT"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:35:57 PDT