[Nasm-bugs] [Bug 3392457] DLL hijacking in NASM installer leading to arbitary code execution ( stable release )
no-reply at bugzilla-nasm.gorcunov.org
no-reply at bugzilla-nasm.gorcunov.org
Thu Jan 4 13:41:12 PST 2018
https://bugzilla.nasm.us/show_bug.cgi?id=3392457
--- Comment #11 from Souhardya Sardar <Souhardya at protonmail.com> ---
Mitigations :-
| To ensure secure loading of libraries
| * Use proper DLL search order.
| * Always specify the fully qualified path when the library location
~~~~~~
| is constant.
| * Load as data file when required.
| * Make use of code signing infrastructure or AppLocker.
:p ^
--
You are receiving this mail because:
You are on the CC list for the bug.
You are watching all bug changes.
More information about the Nasm-bugs
mailing list