mirror of https://git.tartarus.org/simon/putty.git synced 2025-07-10 07:43:48 -05:00

Load comctl32.dll (for drag lists) at run time.

This too is not in the list of known DLLs on Windows 10. I don't know
of any actual viable hijacking attack based on it, which according to
my reading of MSDN (specifically, a rather vague hint in
https://msdn.microsoft.com/library/ff919712) _may_ be because we
mention the common controls assembly in our application manifest; but
better safe than sorry.

Now the entire list of remaining DLLs that PuTTY links against at load
time is a subset of the Win10 known DLLs list, so that _should_ mean
that everything we load before we've deployed our own defence
(SetDefaultDllDirectories) is defended against for us by Windows
itself.
Simon Tatham
2017-03-13 21:42:44 +00:00
parent 793ac87275
commit f77ee39e8c
5 changed files with 28 additions and 12 deletions

Recipe

@ -273,7 +273,7 @@ IMPORT = import sshbcrypt sshblowf
CHARSET = sbcsdat slookup sbcs utf8 toucs fromucs xenc mimeenc macenc localenc
# Standard libraries.
LIBS = advapi32.lib user32.lib gdi32.lib comctl32.lib comdlg32.lib
LIBS = advapi32.lib user32.lib gdi32.lib comdlg32.lib
+ shell32.lib imm32.lib ole32.lib
# Network backend sets. This also brings in the relevant attachment
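
Review bot: The `# Standard libraries.` comment above `LIBS` should record that comctl32.lib is left out on purpose, because nothing in this hunk stops a later change from adding it back and silently restoring the load-time dependency on comctl32.dll, which the commit message says is not in the Windows 10 known DLLs list. A one-line comment along the lines of "comctl32.dll is loaded at run time; do not link comctl32.lib here" would do. It would also help to state next to `LIBS` the rule the message relies on: every library named there must correspond to a known DLL, since those are loaded before SetDefaultDllDirectories takes effect. For the remaining entries (advapi32, user32, gdi32, comdlg32, shell32, imm32, ole32) that property is asserted only in the commit message, and with "_should_"; noting how the list was checked would make it reviewable when `LIBS` next changes.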