(imported topic written by CSL2012)
Can a fixlet be provided for Microsoft Security Advisory 2264107? This patch was released (6/10/2011).
This update introduces a new registry entry CWDIllegalInDllSearch that allows users to control the DLL search path algorithm. The DLL search path algorithm is used by the LoadLibrary API and the LoadLibraryEx API when DLLs are loaded without specifying a fully qualified path.
Summary:
The update allows the administrator to define the following on a system-wide or a per-application basis:
•Remove the current working directory from the library search path.
•Prevent an application from loading a library from a WebDAV location.
•Prevent an application from loading a library from both a WebDAV, as well as a remote UNC location.
More Information: http://support.microsoft.com/kb/2264107
Thanks,
Chi S. Li