VerifyIT

VerifyIT

Skip to content

Home
# SERVICES
^ BLOG
- Hardening
  - Browsers
    - Google Chrome
    - Internet Explorer
  - Cloud
    - Azure
  - Databases
    - DB2
    - MS SQL
    - MySQL
    - Oracle
  - Operating Systems
  - Webservers
    - Apache
    - IIS
- Compliance Scanning
- Monitoring
- Vulnerability Scanning
  - Nessus
  - Nikto
  - OpenVas
- Penetration Testing
* LOCATION
$CHARITY

MS KB2269637: Insecure Library Loading Could Allow Remote Code Execution

Nessus Output

ntdll.dll has been upgraded by KB2264107 or a related, subsequent update,
but the following registry entry has not been set :

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\CWDIllegalInDllSearch

Implement registry key

Use the default DLL search path (set it to 0)

REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager" /f /v CWDIllegalInDllSearch  /t REG_DWORD /d 0x0

REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager" /f /v CWDIllegalInDllSearch /t REG_DWORD /d 0x0

Blocks a DLL Load from the current working directory if the current working directory is set to a WebDAV folder (set it to 1)

REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager" /f /v CWDIllegalInDllSearch  /t REG_DWORD /d 0x1

REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager" /f /v CWDIllegalInDllSearch /t REG_DWORD /d 0x1

Blocks a DLL Load from the current working directory if the current working directory is set to a remote folder (such as a WebDAV or UNC location) (set it to 2)

REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager" /f /v CWDIllegalInDllSearch  /t REG_DWORD /d 0x2

REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager" /f /v CWDIllegalInDllSearch /t REG_DWORD /d 0x2

References:

Microsoft Updates
http://technet.microsoft.com/en-us/security/advisory/2269637
http://www.nessus.org/u?960d4ef0
https://www.tenable.com/plugins/index.php?view=single&id=48762
http://support.microsoft.com/kb/2264107
https://msdn.microsoft.com/en-us/library/ff919712%28VS.85%29.aspx

Share this:

LinkedIn
Twitter
Facebook
Email
WhatsApp
Print
Telegram
Skype
More

Pinterest
Reddit
Tumblr
Pocket

This entry was posted in Compliance Scanning, Hardening, Windows on April 28, 2016 by webmaster.

Post navigation

← Nessus Cloud Microsoft XML Parser (MSXML) and XML Core Services Unsupported →

Search for:

Partners

Top Posts

MS KB2269637: Insecure Library Loading Could Allow Remote Code Execution
SSL Version 2 and 3 Protocol Detection
SSH Server CBC Mode Ciphers Enabled
SMB Signing Disabled (Windows)
Check Windows File Integrity with sfc and powershell
MS15-011: Vulnerability in Group Policy Could Allow Remote Code Execution (3000483)
Configure the 'SSL Cipher Suite Order' Group Policy Setting
IPMI v2.0 Password Hash Disclosure
Identify failed credentialed scans in Nessus / Security Center
Ensure RC4 Cipher Suites is disabled

Recent Posts

Samba Exploits January 23, 2018
Uploading / Downloading Files January 21, 2018
OS Fingerprinting October 14, 2017
Scanning udp port 1434 SQL Browser October 12, 2017
Mount Windows share from Linux October 12, 2017
UDP port Scanning October 11, 2017
Privilege Escalation October 8, 2017
Reverse Shells October 8, 2017
Verify Permissions on files (Windows) May 1, 2017
PASSWORD_COMPLEXITY_UNSUPPORTED_ON_AGENT February 24, 2017

Categories

Proudly powered by WordPress

Send to Email Address Your Name Your Email Address

Cancel

Post was not sent - check your email addresses!

Email check failed, please try again

Sorry, your blog cannot share posts by email.