Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Executable installers are vulnerable^WEVIL (case 34): Microsoft's vs-community-*.exe susceptible to DLL hijacking
Jul 01 2016 01:32PM
Stefan Kanthak (stefan kanthak nexgo de)
the executable installer for Microsoft's Visual Studio 2015
Community Edition, available from <https://www.visualstudio.com/>,
is vulnerable to DLL hijacking: on a fully patched Windows 7 SP1
it loads the following DLLs from its "application directory"
instead of Windows' "system directory"...
[ more ]
Copyright 2010, SecurityFocus