* .Txt files are dangerous in Windows
Microsoft has published the important security bulletin MS11-071 describing the vulnerability in all versions of Windows.
The essence of the vulnerability is that if a user opens a .txt file from a network folder, then malicious code from a .dll in the same network folder as the .txt file can run on his system. As a result, an attacker can gain the same rights in the system as the user has. In addition to .txt, the vulnerability covers .rtf and .doc files.
Learn more about loading a DLL on Windows , as well as setting up a registry for DLL search restrictions (CWDIllegalInDllSearch).
A similar “vulnerability” for Linux is associated with the use of LD_LIBRARY_PATH.
The essence of the vulnerability is that if a user opens a .txt file from a network folder, then malicious code from a .dll in the same network folder as the .txt file can run on his system. As a result, an attacker can gain the same rights in the system as the user has. In addition to .txt, the vulnerability covers .rtf and .doc files.
Learn more about loading a DLL on Windows , as well as setting up a registry for DLL search restrictions (CWDIllegalInDllSearch).
A similar “vulnerability” for Linux is associated with the use of LD_LIBRARY_PATH.