Fortinet Discovers Swisscom MySwisscomAssistant DLL Preloading Vulnerability
Fortinet's FortiGuard Labs has discovered a DLL preloading vulnerability in Swisscom's MySwisscomAssistant for Windows.
Swisscom's MySwisscomAssistant for Windows is a desktop application which can help users with setting up Internet, e-mail and WLAN, report problems with the Internet, e-mail or WLAN and fix them and also check & improve the quality of user's WLAN connection.
Swisscom's MySwisscomAssistant for Windows is susceptible to a DLL preloading vulnerability. The issue occurs when the application looks to load a DLL for execution and an attacker provides a malicious DLL to use instead. The application generally follows a specific search path to locate the DLL. The vulnerability can be exploited by a simple file write (or potentially an over-write) which results in a foreign DLL running under the context of the application.
Users should apply the solution provided by Swisscom.
Fortinet reported the vulnerability to Swisscom on June 15, 2017.
Swisscom confirmed the vulnerability on August 21, 2017.
Swisscom patched the vulnerability on November 30, 2017.