New subject: [PSRT] [Security-announce]CVE-2020-8315: Windows 7 DLL hijack

29 Jan 2020

      Steve Dower,

Thanks for sharing this with us.

Any workaround to mitigate this?

Cheers,
Marlon Petry

On Tue, Jan 28, 2020, 23:48 Steve Dower  wrote:
...
A DLL hijacking vulnerability has been discovered in CPython 3.6, 3.7
and 3.8 when running on Windows 7 or earlier.
An attacker who is able to place a DLL "api-ms-win-core-path-l1-1-0.dll"
earlier on the DLL search path than the System32 directory could cause
their file to be loaded and executed at interpreter startup instead of
the system one.
Prior to Windows 7, this file does not exist and may be placed anywhere
on the search path. After Windows 7, the DLL is loaded directly from its
API set and not using the search path. Only Windows 7 is impacted.
Patches to ensure that only the System32 copy of the file is loaded are
linked from the bug page below. The next release of each version
(3.6.11, 3.7.7, 3.8.2) will include the fixes. Python 3.9 does not
support Windows 7, and so is unimpacted.
Note that this attack will likely work against other applications on
Windows 7, and it is not unique to CPython. Upgrading to a supported
operating system is recommended.
CVE page: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8315
Bug page: https://bugs.python.org/issue39401
Cheers,
Steve Dower and the Python Security Response Team
_______________________________________________
Security-announce mailing list -- security-announce@python.org
To unsubscribe send an email to security-announce-leave@python.org
https://mail.python.org/mailman3/lists/security-announce.python.org/

Re: [Security-announce]CVE-2020-8315: Windows 7 DLL hijack

Marlon Luis Petry

Victor Stinner

tags

participants (2)