Posted by Stefan Kanthak on Mar 09

“Securify B.V.” wrote:

[…]

This vulnerability demonstrates Microsoft’s terrible SLOPPY coding
horror^Wpractice: it needs two mistakes to create this kind of bug!

“%CommonProgramFiles%Systemwab32res.dll” is (as its name implies)
a resource DLL, which means that it contains no code, but only
(localized) resources, and SHOULD (better: MUST) be loaded via…