Users wishing to use Microsoft’s tool (released last week) to block the DLL vulnerability present in a wide range of programs may find that they have a problem. If the setting for the manually created CWDIllegalInDllSearch registry entry in the ‘HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager’ path is too strict, programs including Google’s Chrome web browser may become unusable. Microsoft has now released a ‘fix-it’ solution which automatically generates the key and sets it to the less severe value of ‘2’ – this protects users from direct DLL hijacking from network shares. The fix-it requires the original tool to have been previously installed. Microsoft is currently considering distributing it via Windows Update.
Read the full article here.
[ad code=2 align=center]