[HN Gopher] BitLocker Lockscreen Bypass
___________________________________________________________________
BitLocker Lockscreen Bypass
Author : rdpintqogeogsaa
Score : 428 points
Date : 2021-01-17 12:46 UTC (10 hours ago)
(HTM) web link (secret.club)
(TXT) w3m dump (secret.club)
| lrossi wrote:
| I thought this was supposed to encrypt the drive? How can you
| bypass the lockscreen without having the password? Is the
| encryption theater?
| my123 wrote:
| It's measured boot with the TPM getting measurements of the
| system state during all steps up to the Windows Boot Manager.
| (and including the Windows Boot Manager configuration data)
|
| If all the measurements match, the TPM releases the volume
| encryption key and the system can boot.
|
| If you boot from an external volume and then modify the boot
| configuration or the OS loader, or reflash the UEFI firmware,
| the measurements won't match and the TPM won't give the key.
|
| Of course, if the login prompt, which runs way afterwards is
| buggy, drive encryption in Windows won't save you there.
|
| An advantage of this system is that when you reboot, all your
| services can run before you input your password, and you can
| login remotely. That's an absolute must for a lot of business
| use cases.
| zinekeller wrote:
| This is similar to what modern-day smartphones do: they encrypt
| your data so that it cannot be taken at rest, but assuming that
| you can hijack the OS you can still read it. Also, BitLocker
| does have a much more stronger mode where you are actually
| required to enter a PIN before you reach the regular lock
| screen that is physically uncrackable*. In other words, this is
| the state if you have a) done nothing and your device is
| eligible for automatic encryption or b) you actively selected
| "TPM Only" despite clear warnings that it will be weaker than
| PIN.
|
| Much more in depth info:
| https://news.ycombinator.com/item?id=25810639
|
| * Unless you have cracked AES
| Xeanort wrote:
| * Unless you get an Evil Maid attack [0], like adding a
| physical keylogger to the keyboard bus.
|
| If the device is decrypted but on lock screen (like with TPM)
| there are more options, the main one is reading memory via
| DMA [1] on an ExpressCard slot (eg the wifi card). Also
| swapping out the memory to do a cold boot attack [2] is
| possible.
|
| [0] https://en.wikipedia.org/wiki/Evil_maid_attack
|
| [1] https://github.com/ufrisk/pcileech
|
| [2] https://en.wikipedia.org/wiki/Cold_boot_attack
| whatever1 wrote:
| There are so many gotchas in computer security. Isn't there a way
| to verify that a simple algorithm can have only prespecified
| valid final states (aka {authenticated && allowed login}, {not
| authenticated && disallowed login})?
| ComputerGuru wrote:
| Use a strongly (or stronger-) types language. In C++, use
| switch blocks instead of if statements, combined with enums (or
| better yet, enum class) to get exhaustibility checking
| (warnings at least) from the compiler.
|
| More correctly, model the entire thing as a state machine and
| use strong typing to prevent inadvertent or undesirable code
| flow changes that bypass the points of entry you are intended
| to use. But none of that helps here because they purposely
| added something that escapes the normal control flow for
| accessibility reasons, and instead of designing it as a part of
| the locked-down system, they used an escape to load the
| regular, unauthenticated accessibility apps for reuse.
| whatever1 wrote:
| But that is the whole point, they managed to get the system
| to an undesireable final state {create new user}. The
| narrator should be part of the validation.
| SiebenHeaven wrote:
| Excellent example of why one should attempt to limit attack
| surface.
| jefffoster wrote:
| Reminds me of how hard it is to write a screensaver by jwz
| https://www.jwz.org/blog/2015/04/i-told-you-so-again/ (and follow
| the links)
| jeroenhd wrote:
| Use
| https://anonym.to/?https://www.jwz.org/blog/2015/04/i-told-y...
| or open in a private tab to get past the childish referrer-
| based redirect.
| notretarded wrote:
| https://cdn.jwz.org/images/2016/hn.png
|
| nice.jpg
| paulpauper wrote:
| this probably means governments , hackers, etc know many other
| bypasses
| [deleted]
| miki123211 wrote:
| Accessibility features are a great source of security
| vulnerabilities. I rely on them myself, and have personally found
| or witnessed quite a few.
| Daniel_sk wrote:
| Same in Android - it's used by most malware.
| SquareWheel wrote:
| One example might be audio captchas. They're needed, of course,
| but it means there's two avenues open to attackers now.
| miki123211 wrote:
| Audio captchas don't really solve the underlying problem.
| Yes, they make things easier for english-speaking blind
| people with no hearing problems, but that's about it.
|
| From an accessibility perspective, the only solution that
| makes sense is pervasive surveillance to determine if you're
| human or not.
| nine_k wrote:
| A lock needs not be unbreakable. It only needs to be more
| expensive to break than the value of the things it
| protects.
|
| So captchas should only be hard enough to make complicated
| setups involving ML models or pipelines to Mechanical Turk
| not worth it. Pervasive surveillance is an overkill for
| this particular purpose.
| resynth1943 wrote:
| I'm not really talking about this from an a11y standpoint,
| but audio CAPTCHA's are so much easier than "choose the
| fire hydrant" hell.
|
| I actually remember reading a post saying that an
| accessible CAPTCHA is _hard_. To make it accessible, you
| have to make it machine-readable, which defeats the
| point...
| userbinator wrote:
| That reminds me of one of the old tricks for resetting the
| password on a Windows machine, which involves renaming cmd.exe
| to the name of the binary that gets run (can't remember the
| exact name at the moment) when you chose the "Ease of Access"
| option. It certainly gives you easy access!
| wongarsu wrote:
| Microsoft's fix seems to have only fixed the sticky-keys dialog
| [1], apparently by just removing the link to the settings when
| you are in a lockscreen. So if you manage to find another way to
| launch the settings from a lockscreen everything else should
| still work as described.
|
| 1: https://msrc.microsoft.com/update-guide/en-
| us/vulnerability/...
| Sephr wrote:
| Windows has special protocol schemes specifically for opening
| various settings pages. I feel like an accessibility feature
| will probably make it possible to launch such a URL. Maybe the
| camera app's QR code integration (if any) can launch URLs if
| accessible via the lockscreen.
| ROARosen wrote:
| Form a security standpoint I don't understand why Microsoft
| would even 'launch' any app (that's not necessary for login)
| while lock screen is on. The lock screen should be completely
| decoupled. It would be like trying to enter a URL in a browser
| while the browser app is closed which is basically impossible
| (I'm not talking about adding it as a cmd param).
| fortran77 wrote:
| Unfortunately, for people who need to type on letter at a
| time, or type with a mouthstick, there's a need to run
| accessibility helper programs.
| selfishgene wrote:
| Backdoor for law enforcement?
| sp332 wrote:
| Accessibility tools are necessary for login.
| Retric wrote:
| Then they should be part of the login application.
| shawnz wrote:
| What about third-party accessibility tools, input
| methods, logon methods, etc?
| derefr wrote:
| That would be even worse than the current state of
| things.
|
| Accessibility services are necessarily kernel services,
| since they tie deeply into considerations of what the OS
| should/shouldn't allow the user to do at any point.
|
| Giving the login application its own copy of those
| services, would mean giving the login application (=
| applications in general) the ability to tie as deeply
| into the OS as the accessibility services themselves do.
| Avoiding that is the whole reason accessibility was made
| an OS-level feature in the first place!
| [deleted]
| nine_k wrote:
| The idea is that the screen lock should directly call the
| kernel accessibility API, and not start other processes
| at all.
| Retric wrote:
| > Giving the login application its own copy of these
| services...
|
| It's much easier to have a lock/login screen that ties
| closely with the rest if the OS, but that's not an actual
| requirement. As an extreme example Windows could split
| things so you have the login screen and the rest of
| windows as effectively two completely different VM's that
| get swapped between.
|
| I am not saying that's a good idea, but Microsoft is
| building the OS from the ground up they have a lot of
| options.
| amluto wrote:
| They didn't fix the insecure directory creation when media is
| mounted?
| shawnz wrote:
| Yes, that seems to be the much more concerning aspect of this
| vulnerability.
|
| Without that, this vulnerability seems to only let you create
| local unprivileged user accounts which isn't such a big deal.
| gmueckl wrote:
| It's not as big a deal, but not without impact. You only
| need a local privilege escalation to go from a user with no
| rights to a fully open system. And systems are much harder
| to secure against code running on them with access to all
| those juicy kernel facing unprivileged APIs...
| bitexploder wrote:
| What's funny is we used to replace each other's sticky keys
| program if we left our computer unlocked. Hours of
| entertainment while they try to figure out how you keep getting
| back in. Lock your machine. And if it's windows, apparently,
| don't have USB ports. It's been a known "problem" forever (When
| you remake the sticky keys program you can unlock the machine
| by pressing SHIFT 5 times :)
| gruez wrote:
| >It's been a known "problem" forever
|
| It's a known problem forever because there's literally no
| solution. You can very well patch lsass.exe to add a
| backdoor, for instance.
| dmurray wrote:
| Yeah, if the attacker has the right to replace arbitrary
| system executables, we're not really talking about
| privilege escalation any more. The solution is not to give
| people root access to your machine.
|
| Not sure what the "don't have USB ports" aside was about:
| plugging in arbitrary USB peripherals shouldn't give you
| that kind of access, though they certainly are an attack
| vector.
| bitexploder wrote:
| USB has been a classic attack vector for local attacks
| forever. I have used them on red team social engineering
| engagements for a long time. An few innocuous auto run
| usb thrown into a few machines will be all you would need
| to compromise an internal network easily. The pint is you
| can harden physical security and a big part of that is
| disabling usb (physically if possible)
| dexen wrote:
| Related: yesterday's post by _jwz_ , "I told you so, 2021
| edition" [1], which discusses security bypass in linux
| screensavers.
|
| [1] https://news.ycombinator.com/item?id=25801693
| arkanciscan wrote:
| Who leaves sticky keys on?
| fortran77 wrote:
| I checked--if you have turned 5x-shift sticky keys off, you
| don't get that window when locked, defeating this exploit. So
| that would be a good workaround. Many users turn it off!
| [deleted]
| [deleted]
| Jon_Lowtek wrote:
| What does this have to do with Bitlocker?
|
| EDIT: i get it now, it plays a small part in the exploit chain
| because it doesn't correctly verify what it sets permissions on
| when automounting usb drives.
| eznzt wrote:
| Nothing, but it sounds more severe if you involve bitlocker
| somehow.
| matthewsssy wrote:
| Also, i use another one program, with which you can find out
| here https://blog.mspy.com/get-7-days-mspy-free how to track a
| cell phone location without them knowing easy!
| shawnz wrote:
| Agreed, it is wrong to describe this as a Bitlocker bypass.
| From what I can see it is actually a Windows lock screen bypass
| and also privilege escalation vulnerability.
| The_big_unknown wrote:
| There's less need to jump through all these hoops if you have
| physical access to a PC with enabled USB ports. For example:
| you could boot from the USB device and access the local storage
| if it's not encrypted.
|
| EDIT: I meant to say "if you have physical access without
| Bitlocker enabled". Bitlocker is protecting the contents of the
| storage, if you can bypass the lockscreen on a Bitlocker
| protected computer you've evaded this protection.
| Speednet wrote:
| But this article is about bypassing Bitlocker, so that's not
| relevant. Also, if a system is unencrypted there are a
| multitude of ways to easily read the contents. That goes for
| any device or operating system.
| Jon_Lowtek wrote:
| The article is about bypassing the Windows Lockscreen, it
| is not about bypassing Bitlocker.
| [deleted]
| segfaultbuserr wrote:
| There are two approaches to full disk encryption. The first one
| is the traditional approach: The encryption is applied
| independently from the operating system. The key is controlled
| by the user. The system cannot even boot without the correct
| key because the underlying hard drive is inaccessible. The
| disadvantage is the need of entering (very long) keys manually
| on boot.
|
| The second approach, which is popular on phones and tablets, is
| to use disk encryption transparently, usually with hardware
| assistance. On boot, the key is automatically filled in by
| hardware (TPM for BitLocker) when some conditions are met, no
| passphrase is asked. In this case, the disk encryption employed
| is not really a "true" encryption [0], instead, it's an
| extension of operating system's authentication mechanism.
| BitLocker's sole purpose is to prevent anyone from bypassing
| the login screen by pulling out the hard drive, rewriting the
| password, and putting the hard drive back in. It's also why
| smartphones can be reasonably secure even with a 4-digit PIN.
|
| This authentication exploit bypasses the login screen despite
| BitLocker, so it's technically a BitLocker bypass, although it
| doesn't break any crypto.
|
| BitLocker can be configured to use either the first approach or
| the second approach. The second approach is used on many
| systems by default. As the exploit has shown, if you have
| serious security requirements, using the first approach is more
| secure (but do remember to shut down the computer often).
|
| [0] For example, in case of TPM, the BitLocker key can also be
| physically extracted on boot using a logic analyzer to monitor
| the communication between the host and TPM... Nevertheless, if
| you can put a security coprocessor into the CPU itself, it can
| be reasonably secure since key extraction is really difficult,
| some smartphone's encryption (e.g. iPhone) uses this method.
| sdrinf wrote:
| Heavy bitlocker user here, and up until now assumed the first
| approach is what's going on; how do I verify which system is
| used, and switch to the former in a few words?
|
| Thanks for the heads-up!
| segfaultbuserr wrote:
| > _how do I verify which system is used, and switch to the
| former in a few words?_
|
| Check whether you are using pre-boot authentication.
| BitLocker offers true encryption only if pre-boot
| authentication is used. Here's a tutorial:
| https://www.howtogeek.com/262720/how-to-enable-a-pre-boot-
| bi... More information on BitLocker's implementation
| details and its threat model can be found in Microsoft's
| documentation [0].
|
| > On computers with a compatible TPM, operating system
| drives that are BitLocker-protected can be unlocked in four
| ways:
|
| > TPM-only. Using TPM-only validation does not require any
| interaction with the user to unlock and provide access to
| the drive. If the TPM validation succeeds, the user sign in
| experience is the same as a standard logon.
|
| > TPM with startup key. In addition to the protection that
| the TPM-only provides, part of the encryption key is stored
| on a USB flash drive, referred to as a startup key. Data on
| the encrypted volume cannot be accessed without the startup
| key.
|
| > TPM with PIN. In addition to the protection that the TPM
| provides, BitLocker requires that the user enter a PIN.
| Data on the encrypted volume cannot be accessed without
| entering the PIN.
|
| > TPM with startup key and PIN. In addition to the core
| component protection that the TPM-only provides, part of
| the encryption key is stored on a USB flash drive, and a
| PIN is required to authenticate the user to the TPM.
|
| TPM-only is the default option, it's better than no
| security, but arguably insecure (depending on your threat
| model). TPM with PIN or startup key offers true encryption,
| they are not vulnerable to this category of attacks. But
| clearly, using a user-supplied key or PIN has its own
| disadvantage (which is why TPM-only mode was invented in
| the first place).
|
| > On the other hand, Pre-boot authentication prompts can be
| inconvenient to users. In addition, users who forget their
| PIN or lose their startup key are denied access to their
| data until they can contact their organization's support
| team to obtain a recovery key. Pre-boot authentication can
| also make it more difficult to update unattended desktops
| and remotely administered servers because a PIN needs to be
| entered when a computer reboots or resumes from
| hibernation.
|
| [0] https://docs.microsoft.com/en-
| us/windows/security/informatio...
| xaduha wrote:
| If you have auto-unlock on your system disk, then by the
| time you get to the login prompt the key from TPM was
| already read and used to decrypt your disk. Any sort of
| auto-unlock is inherently less secure.
| shawnz wrote:
| Do you need to type a disk encryption password into a
| Bitlocker-branded screen before Windows boots? Or
| alternatively are you required to insert a specific USB
| stick with a key file?
|
| If so, you are using one of the more secure configurations.
| If not, you are using the less secure (TPM-only)
| configuration.
| Jon_Lowtek wrote:
| > This authentication exploit bypasses the login screen
| despite BitLocker, so it's technically a BitLocker bypass
|
| No. No, it is not. Let me give a similar example: lets say
| the drive requires a PIN and i ask the user to enter the PIN,
| then i still get to the starting conditions of this article.
|
| Technically i could argue it now includes a social
| engineering variant of a bitlocker bypass, but it should be
| very obvious there is no actual bypass, only an "assume it is
| open" precondition. The article has an "assume the device is
| configured in a way that i can walk right past bitlocker to
| the lockscreen" and then calls it _" Bypassing BitLocker in 6
| easy steps"_. No, just no. Not technically, not
| theoretically, just no.
|
| Not to be unfair to the author, the lockscreen bypass is
| clever and teaches a lot about defensive coding. It is a good
| finding. But the article gets dragged down by the
| sensationalist title, because the content is not what it says
| it is.
| fulafel wrote:
| About terminology: in security engineering and cryptography,
| encryption methods and key management are considered
| different things[1]. Here in both cases the encryption method
| is equally secure. But the security of the system depends on
| of the key management method (or keying, for short).
|
| Encryption is necessary, but not sufficient, to have secure .
|
| [1] And then there's integrity, replay protection,
| nonreprudiation, forward security.. etc other properties.
| kube-system wrote:
| > Nevertheless, if you can put a security coprocessor into
| the CPU itself
|
| M1 powered Macs do this too. Does Intel or AMD make any chips
| with a TPM built in?
| lnl wrote:
| Two months ago, Microsoft announced the Pluton security
| processor and that future AMD, Intel, Qualcomm CPUs will
| have it. It seems to be for this exact purpose:
|
| > These sophisticated attack techniques target the
| communication channel between the CPU and TPM, which is
| typically a bus interface. (...) The Pluton design removes
| the potential for that communication channel to be attacked
| by building security directly into the CPU.
|
| https://www.microsoft.com/security/blog/2020/11/17/meet-
| the-...
| aksss wrote:
| Isn't that what Intel PTT is? Basically TPM baked in? Not
| entirely sure myself but I think PTT did away with the need
| for a discrete TPM coprocessor.
| kube-system wrote:
| Ah, sounds like it. Thanks, I wasn't aware of PTT.
| [deleted]
| teddyh wrote:
| > _The disadvantage is the need of entering (very long) keys
| manually on boot._
|
| Shameless plug: Mandos solves this problem on Debian (and
| derivatives): https://www.recompile.se/mandos
| tinus_hn wrote:
| Also this bypasses the protection offered by Bitlocker (in the
| typical 'keys are stored in the TPM' setup) as it grants access
| to the system from the login screen without entering a
| password.
|
| So if you steal a laptop you can get at the drive contents
| using this trick.
| resynth1943 wrote:
| Perfect use-case for Narrator ;-)
| TACIXAT wrote:
| This is not the bitlocker bios pin entry lock screen. That's what
| I was imagining from the title.
| [deleted]
| zaroth wrote:
| I really wish there was video of the entire process start to
| finish.
|
| This part in particular seems like it would be incredibly amusing
| right before the account gets added;
|
| > _It is easy to see when the loop is running because the
| Narrator will move its focus box and say "access denied" every
| second._
|
| This truly is Hollywood style hacking made real.
| varispeed wrote:
| I wonder if this was left on purpose for law enforcement or
| corporate spies and if there are more vulnerabilities like this.
| Seems like it's better to just stay with good old TC.
| sanqui wrote:
| Reminds me of this classic Windows 98 (I believe) login screen
| bypass. https://i.imgur.com/rG0p0b2.gif
| dexen wrote:
| Ah, a classic. The flat color top bar suggests it's Windows 95,
| rather than the 98 (which used a color gradient):
| https://imgur.com/a/4uamhPu
| Kwpolska wrote:
| It might also be Windows 98 running in 16 color mode.
| kasabali wrote:
| also might be gif dithering
| garaetjjte wrote:
| Android FRP is also bypassed by various tricks like this.
| (usually involving starting Talkback, going into help, there
| clicking on YouTube video, clicking something to open
| browser...etc)
| sodality2 wrote:
| Yep. Exactly what I did a few months ago to bypass FRP
| flomo wrote:
| I'll be that guy and mention that Windows 9x had no local
| security and this was considered NOTABUG. You could also press
| F8 to drop to DOS and run something like win.exe /nonetwork.
| bouke wrote:
| There was (and still is) misconception regarding that screen.
| That screen is for authenticating on the network. I believe you
| could also just close the dialog. It's _not_ for authenticating
| a local user account. Failing to authenticate you just couldn't
| access network shares.
| AnssiH wrote:
| I believe that depends on the configuration.
|
| The error dialog in the gif when Cancel is pressed does say
| "You cannot use Windows unless your login name is validated
| by the network."
| sitharus wrote:
| I recall being able to just cancel that dialog back in the
| day. There was a group policy to require network
| authentication added at some point, but I don't know when.
| mike-cardwell wrote:
| Reminds me of that classic OSX root login bypass by not using a
| password from 3 years ago: https://ma.ttias.be/root-login-
| without-password-allowed-defa...
| sslalready wrote:
| Reminds me of the Solaris TTYPROMPT in.telnetd bypass:
| https://packetstormsecurity.com/files/114491/Solaris-
| TTYPROM...
| mkr-hn wrote:
| Don't forget booting Linux in single user mode with a
| simple GRUB edit to bypass the login.
| SteveNuts wrote:
| This one makes sense to me, if someone has access to the
| console during boot, there's not much sense in preventing
| them from logging in. At that point they could just pull
| the drive and mount it in a different computer and
| replace passwd and shadow.
|
| If you want to prevent this you need full disk encryption
| vimy wrote:
| I wonder how people find glitches like this.
| Blackthorn wrote:
| For me, it was boredom and cheapness. Once my trial copy of
| Win2k ran out and it confronted me with it, I tried hitting
| ctrl+alt+del. To my surprise, it worked. So from there I was
| just able to launch explorer.exe.
|
| I was a kid then. Kids these days are finding these sorts of
| "exploits" in phones and whatnot all the time.
| thestepafter wrote:
| You have to understand the data at a structural level and how
| it flows through the application. Then you can identify entry
| points to access that data using non-traditional methods that
| the developers may not have considered when implementing
| security features.
|
| That, or get lucky by clicking around a lot.
| sudeepj wrote:
| Compared to today, when I see Win9x & WinXP I feel a strange
| bit of innocence and how simple it was back then, both for
| individual developers & industry as a whole. (kinda difficult
| to articulate what I want to say)
|
| May be its not the Windows but 90s & early 2000s ... don't
| know.
| meibo wrote:
| Absolutely - I'd like to know why exactly MS decided to make
| the classic theme unaccessible.
|
| On early Windows 10 versions, you were able to re-enable it
| by stopping the window manager from creating the modern theme
| resources, I'm not sure if that still works but it leads me
| to think that they did it for brand reasons. Classic theme is
| distinctly "old" and they probably wanted to get rid of that
| conception.
| ashleyn wrote:
| First thing I thought of. Can't even believe this kind of stuff
| is still happening in Windows in 2021.
| bitexploder wrote:
| Happened to iOS a while ago too.
| axegon_ wrote:
| I didn't know that one back then but there was another one,
| where you could remove a file(or rename it) from C:/Windows(I
| don't remember which one it was, but 10 year old me definitely
| knew, but somehow I think it was C:/Windows/passwd) from DOS.
| Then you type in any password and it let you in and then you
| just swap the file with the old one once you are done. _Sigh_
| the number of times my classmates asked me to use it on our
| math teacher 's computer in order to copy the tests...
| harikb wrote:
| Well technically that is possible in any OS. You can mount
| the drive elsewhere or to a live cd, change root password.
| That is the recommended way to recover from lost root
| password (assuming FS is not encrypted - which was the case
| you were talking about)
|
| Let us assume one can't easily modify the filesystem or
| special boot options are not available
| elteto wrote:
| You could bypass the screensaver lock this way. If the C:
| drive was shared over the network (and more often than not it
| was!) you could just rename c:\windows\scrnsave.exe and the
| process would crash.
|
| Fun times!
| afandian wrote:
| Our target was Visual Basic 3. You could start it through
| Microsoft Access, which somehow let you execute arbitrary
| commands.
| brian_herman wrote:
| I think you are thinking of this one use it all the time at
| work. https://4sysops.com/archives/reset-a-
| windows-10-password/
| axegon_ wrote:
| Could be(or something similar I guess, I moved over to the
| penguin army in 2000).
| gruez wrote:
| That's not exactly the same, because it's essentially
| modifying the operating system files to bypass the security
| checks, whereas this article and the gif are basically
| loopholes in the OS that gives you access.
| transcriptase wrote:
| Another fun one in the early 2000s was if your organization was
| using Novell Groupwise, you could run any executable by
| renaming it nalwin32.exe
|
| Good times playing Age of Empires and Half Life on school
| computers over LAN using that!
| girvo wrote:
| Also, you could drop into the Visual Basic editor from any
| office program: the File > Open dialog would happily launch
| any executable under Novell lol.
|
| We played Quake mostly!
| [deleted]
| adzm wrote:
| > If the application has a manifest, then any .local files are
| ignored.
|
| I suppose this does not hold true for the .local folder named
| that, apparently? I had not seen it documented before that it
| looks in that specially crafted dll subfolder (presumably using
| information from the manifest) to load a dll that is specified in
| one.
___________________________________________________________________
(page generated 2021-01-17 23:00 UTC)