| 摘要 |
<p>A procedure is described which solves the problem of detecting executable files and preventing their loading from the current working directory. The procedure is performed within the general application processor and represents a technical solution of a technical problem since the generally programmable processor with a command set and the implementation of steps is changed into a new configuration according to the invention suitable for solving the aforementioned technical problem. The main feature of the described procedure for detecting the described vulnerability is in the fact that by monitoring of calls and arguments by system or application functions, which play a key role in loading executable files, it detects that the computer software or operation system has either tried, will try or has just started loading or is starting an executable file from the current working directory. The main feature of the procedure is to prevent the abuse of the described vulnerability by upgrading the procedure (passive, non-disruptive for the processes) of detecting such vulnerability with an active intervention into the operation of the computer program or operation system in such a way that the loading or starting of an executable file is prevented. An additional method is given for limiting the abuse of the described vulnerability which either limits the loading or starting of executable files from the current working directory by either limiting or preventing the setting of the current working directory in file locations, where a malicious person could create an executable file.</p> |
