Month: October 2010

Mitigating Insecure Library Loading Vulnerability

Insecure library loading or dll hijacking vulnerability occurs when libraries are loaded from a location not intended to load from due to how Windows search order works when searching for the library. This really comes down to developers not specifying the fully qualified path name of the library or not initially calling SetDllDirectory() with a…


Unable to delete folder with trailing space

There are a number of possibilities as to why folders cannot be deleted but this one I came across recently got my attention. While decompressing a zip file it created its extracted folder but when I came to remove the folder it came up with the error “Cannot delete file: Cannot read from the source…


Hiding malicious files in Windows folders

The desktop.ini is a standard text file that can be placed in any Windows folder to customize certain aspects of the folders behaviour, i.e. what the folder icon should be, what folder name to display, etc. The desktop.ini file is normally a hidden file so to display existing ones in folders you’ll need to make…