> The link you gave gives a single line description of the issue. It isn't very helpful in understanding what conditions were required to exploit. Is this a Sandboxie installer issue or all installers?
The single line description is literally an answer to both of those questions, "Sandboxie installer 5071703 has a DLL Hijacking or Unsafe DLL Loading Vulnerability via a Trojan horse dwmapi.dll or profapi.dll file in an AppData\Local\Temp directory."
> Edit: ok, read the medium link at the bottom. This is an issue with Sandboxie's installer behavior, for which I think it is unfair to blame the way Windows searches for and loads DLLs.
The vulnerability is literally caused by the dll load path containing the cwd. That is the subject of this entire thread.
None of that has anything to do with the discussion about binary planting, one variant of which is dll planting due to the cwd directory being used as a path component in microsoft windows versions.
The single line description is literally an answer to both of those questions, "Sandboxie installer 5071703 has a DLL Hijacking or Unsafe DLL Loading Vulnerability via a Trojan horse dwmapi.dll or profapi.dll file in an AppData\Local\Temp directory."
> Edit: ok, read the medium link at the bottom. This is an issue with Sandboxie's installer behavior, for which I think it is unfair to blame the way Windows searches for and loads DLLs.
The vulnerability is literally caused by the dll load path containing the cwd. That is the subject of this entire thread.