Quantcast
Channel: windows – Brian Reiter's Thoughtful Code
Browsing latest articles
Browse All 20 View Live

Image may be NSFW.
Clik here to view.

Use Image Hijacking to Globally Replace Notepad.exe

I like to use a progammer’s text editor called EmEditor. Some people like Notepad++, vim, etc. You can change file associations but some things are just hard-coded to call notepad.exe. Notepad.exe is a...

View Article


Image may be NSFW.
Clik here to view.

Upgrade and Zenburn the Console Window

Background In Windows, console windows (aka command line or “DOS” windows) are special. In a UNIX-like environment a terminal emulator talks to a local virtual teletype and connects to three text...

View Article


Image may be NSFW.
Clik here to view.

The Sad History of the Microsoft POSIX Subsystem

When Windows NT was first being developed, one of the goals was to make the kernel separate from the programming interface. NT was originally intended to be the successor to OS/2 but Microsoft also...

View Article

Image may be NSFW.
Clik here to view.

Microsoft Should Formally Deprecate CWD from LoadLibrary Search

Microsoft recently released security security advisory 2269637, “Insecure Library Loading Could Allow Remote Code Execution”. The gist is that the search behavior of LoadLibrary() includes the current...

View Article

Image may be NSFW.
Clik here to view.

Java Browser Plugin for Mozilla Vulnerable to DLL Preloading Attack

The “Next Generation Java Plug-in 1.6.0_21 for Mozilla browsers” 32-bit version for Windows uses CWD to load its C runtime library (msvcr71.dll). If you have globally disabled loading libraries from...

View Article


Image may be NSFW.
Clik here to view.

Java Built with Unsupported Old Compilers

When I turned off DLL loading from the current working directory to defeat DLL pre-loading luring attacks, one of the things I discovered was that the Java plug-in was broken in Firefox and Chrome....

View Article

Image may be NSFW.
Clik here to view.

Mozilla Compatible Silverlight 4 Plugin Requires Loading DLLs from CWD

I visited a site yesterday in Chrome that tried to load Silverlight to provide a video player. I have KB2264107 installed and have globally disabled loading of DLLs from the current working directory...

View Article

Image may be NSFW.
Clik here to view.

More Granular Options for CWDIllegalInDllSearch Needed

I’m starting to see a class of issues where plugins rely on their libraries loading from the current working directory (CWD). To me this implies that the 0xffffffff option to completely disable loading...

View Article


Image may be NSFW.
Clik here to view.

Chrome MSI Works Great with AppLocker

Google has released a version of the Chrome installer packaged as an MSI rather than using the ClickOnce installer. The major difference is that the MSI creates a global installation under...

View Article


Image may be NSFW.
Clik here to view.

A Better Telnet for Windows

There’s no really nice way to say it: the telnet client in Windows is a little strange at best. I mostly use telnet to debug text-based TCP services. The Microsoft telnet implementation isn’t very good...

View Article
Browsing latest articles
Browse All 20 View Live