{"id":100515,"date":"2018-12-19T07:00:00","date_gmt":"2018-12-19T22:00:00","guid":{"rendered":"https:\/\/blogs.msdn.microsoft.com\/oldnewthing\/?p=100515"},"modified":"2019-03-13T00:11:19","modified_gmt":"2019-03-13T07:11:19","slug":"20181219-00","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/oldnewthing\/20181219-00\/?p=100515","title":{"rendered":"It rather involved being on the other side of this airtight hatchway: Hanging the loader"},"content":{"rendered":"<p>A security vulnerability report pointed out that a malicious file can cause the module loader to enter an infinite loop, thereby causing a denial of service on the process doing the loading. <\/p>\n<p>This was by itself not interesting. After all, if you have managed to get the system to attempt to load your DLL, and you want to use it to cause a denial of service, then you don&#8217;t need to get this fancy. You can just put <code>Sleep(INFINITE);<\/code> in your <code>DLL_<\/code><code>PROCESS_<\/code><code>ATTACH<\/code> handler! <\/p>\n<p>In other words, you&#8217;re already on the other side of the airtight hatchway. And you&#8217;re bragging that you can do something annoying like a denial service, apparently unaware that being on the other side of the airtight hatchway gives you the ability to do far more interesting (and threatening) things. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>You&#8217;re already there. No need to brag.<\/p>\n","protected":false},"author":1069,"featured_media":111744,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[26],"class_list":["post-100515","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-oldnewthing","tag-other"],"acf":[],"blog_post_summary":"<p>You&#8217;re already there. No need to brag.<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/posts\/100515","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/users\/1069"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/comments?post=100515"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/posts\/100515\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/media\/111744"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/media?parent=100515"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/categories?post=100515"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/oldnewthing\/wp-json\/wp\/v2\/tags?post=100515"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}