f.lux

    f.lux forum


    Flux's dll hijacking vulnerability

    Windows v3
      Anomiesage last edited by Anomiesage

      How is the flux team working on patching this dll hijacking vulnerability? Or is the vulnerability already fixed?

      "flux-setup.exe" loads and executes dll from its "application directory".

      For software downloaded with a web browser the application directory is
      typically the user's "Downloads" directory: see
      <https://insights.sei.cmu.edu/cert/2008/09/carpet-bombing-and-directory-poisoning.html>,
      <http://blog.acrossecurity.com/2012/02/downloads-folder-binary-planting.html>
      and <http://seclists.org/fulldisclosure/2012/Aug/134> for "prior art" about
      this well-known and well-documented vulnerability.

      If an attacker places a malicious DLL in the user's "Downloads" directory
      (for example per "drive-by download" or "social engineering") this
      vulnerability becomes a remote code execution.

      Proof of concept/demonstration:

      
      1. Create a malicious dll file and save it in your "Downloads" directory.
      
      2. Download "flux-setup.exe" from https://justgetflux.com/ and save it in
      your "Downloads" directory.
      
      3. Execute "flux-setup.exe" from your "Downloads" directory.
      
      4. Malicious dll file gets executed.
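A user-side check for the condition described in the post above, as an added example that is not part of the thread and not f.lux's code: it reports directories where executables and DLLs sit side by side, and stages an installer alone in a fresh empty directory before it is run. The function names and the `UNEXPECTED.DLL` sample are assumptions; the demo files are constructed empty placeholders.

```python
import os
import shutil
import tempfile


def audit_tree(root):
    """Map each directory under root holding both .exe and .dll files to them.

    A DLL found this way sits in those executables' application directory;
    whether it is actually loaded depends on the executable.
    """
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        exes = sorted(f for f in files if f.lower().endswith(".exe"))
        dlls = sorted(f for f in files if f.lower().endswith(".dll"))
        if exes and dlls:
            findings[dirpath] = {"executables": exes, "dlls": dlls}
    return findings


def stage_in_clean_dir(installer_path):
    """Copy only the installer into a newly created empty directory.

    Returns the path of the copy; launched from there, the installer has
    no other files in its application directory.
    """
    clean_dir = tempfile.mkdtemp(prefix="clean-install-")
    return shutil.copy2(installer_path, clean_dir)


def build_demo_downloads():
    """Constructed sample: a stand-in Downloads folder with empty files."""
    root = tempfile.mkdtemp(prefix="demo-downloads-")
    for name in ("flux-setup.exe", "UNEXPECTED.DLL", "notes.txt"):
        open(os.path.join(root, name), "wb").close()
    return root


if __name__ == "__main__":
    downloads = build_demo_downloads()
    for directory, found in audit_tree(downloads).items():
        print("review before running anything here:", directory, found)
    staged = stage_in_clean_dir(os.path.join(downloads, "flux-setup.exe"))
    print("staged copy:", staged)
    print("files beside it:", os.listdir(os.path.dirname(staged)))
```
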
        herf last edited by herf

        This is patched in the 3.11 build:
        https://justgetflux.com/flux-setup3-11.exe

        It is not the main download right now because we are trying to enable XP and Windows 10 Anniversary signing in one build. (Currently this one will install on Win7+).

          Tungsten_smooth last edited by

          @herf The version https://justgetflux.com/flux-setup3-11.exe

            Anomiesage last edited by

            Thanks for the reply and the help!
