Kingsoft Office 2010 is affected by an insecure DLL loading (DLL hijacking) vulnerability. Other terms used to describe this problem are Remote Binary Planting and Unsecure DLL Loading / Injection / Hijacking / Preloading. Kingsoft is aware of the issue and is currently working on a fix. The temporary workaround described below can provide protection until a fix is released.

Vulnerability Description

All Kingsoft Office applications pass an insufficiently qualified path when loading external libraries after a user opens a file of an associated type. The affected applications, DLLs and file types are:

  • Kingsoft Writer: Affected DLL: plgpf.dll, Affected extensions: .DOC, .RTF
  • Kingsoft Presentation: Affected DLL: plgpf.dll, Affected extension: .PPT
  • Kingsoft Spreadsheets: Affected DLL: plgpf.dll, Affected extension: .XLS

Temporary Workaround

A Microsoft update introduces a new registry entry, CWDIllegalInDllSearch, that allows users to control the DLL search path algorithm. The LoadLibrary and LoadLibraryEx APIs use this algorithm when DLLs are loaded without a fully qualified path.
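
One way to audit and apply this workaround per application, as an added example that is not part of the original advisory or Kingsoft's own tooling. It assumes the Microsoft update is installed and an elevated PowerShell session; the registry locations and value meanings are those Microsoft documents for CWDIllegalInDllSearch, and `example-office-app.exe` is a placeholder image name.

```powershell
# Registry locations Microsoft documents for CWDIllegalInDllSearch.
$SessionManager = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager'
$Ifeo = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
$ValueName = 'CWDIllegalInDllSearch'

function Read-CwdSetting([string]$Key) {
    # Returns the DWORD as UInt32, or $null when the key or value is absent.
    $item = Get-ItemProperty -Path $Key -Name $ValueName -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return [uint32]([int64]$item.$ValueName -band [int64]4294967295)
}

function Get-CwdMeaning([uint32]$Value) {
    switch ($Value) {
        0          { 'default search order: the current working directory (CWD) is searched' }
        1          { 'no DLL load from the CWD when it is a WebDAV folder' }
        2          { 'no DLL load from the CWD when it is a remote folder (WebDAV or UNC)' }
        4294967295 { 'CWD removed from the default DLL search order' }
        default    { 'undocumented value' }
    }
}

function Get-CwdDllSearchPolicy([string[]]$ImageName) {
    $system = Read-CwdSetting $SessionManager
    foreach ($name in $ImageName) {
        $perApp = Read-CwdSetting (Join-Path $Ifeo $name)
        # A per-application value overrides the system-wide one; with neither
        # present the loader behaves as for 0.
        $effective = if ($null -ne $perApp) { $perApp } elseif ($null -ne $system) { $system } else { [uint32]0 }
        [pscustomobject]@{
            Image            = $name
            SystemWide       = $system
            PerApplication   = $perApp
            Effective        = $effective
            Meaning          = Get-CwdMeaning $effective
            RemoteCwdBlocked = ($effective -eq 2 -or $effective -eq 4294967295)
        }
    }
}

function Set-CwdDllSearchPolicy {
    [CmdletBinding(SupportsShouldProcess)]
    param([Parameter(Mandatory)][string]$ImageName, [ValidateSet(1, 2)][int]$Value = 2)
    $key = Join-Path $Ifeo $ImageName
    if ($PSCmdlet.ShouldProcess($key, "set $ValueName = $Value")) {
        if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
        New-ItemProperty -Path $key -Name $ValueName -PropertyType DWord -Value $Value -Force | Out-Null
    }
}
```

Run `Get-CwdDllSearchPolicy -ImageName 'example-office-app.exe' | Format-List` to see the effective setting, and `Set-CwdDllSearchPolicy -ImageName 'example-office-app.exe' -WhatIf` to preview the change before applying it.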

Source: http://seclists.org/fulldisclosure/2010/Sep/218
