diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index c29e89309..df9e1fb19 100644
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,3 +1,20 @@
+2010-08-28  Corinna Vinschen  <corinna@vinschen.de>
+
+	* autoload.cc (LoadDLLprime): Change dllname storage to string16.
+	(struct dll_info): Convert name to WCHAR.
+	(std_dll_init): Load DLLs with full path to windows system directory.
+	Add hint to Microsoft security advisory.
+	* dcrt0.cc (init_windows_system_directory): New function.
+	(dll_crt0_0): Call init_windows_system_directory first.
+	* exceptions.cc (windows_system_directory): Move to globals.cc.
+	(windows_system_directory_length): Ditto.
+	(events_init): Drop code fetching windows_system_directory.
+	* globals.cc (windows_system_directory): New global variable.
+	(windows_system_directory_length): Ditto.
+	* net.cc (load_ipv6_funcs): Use windows_system_directory rather than
+	GetSystemDirectoryW.
+	* netdb.cc (open_system_file): Ditto.  Simplify debug output.
+
 2010-08-27  Corinna Vinschen  <corinna@vinschen.de>
 
 	* external.cc (sync_wincwd): Remove.
diff --git a/winsup/cygwin/autoload.cc b/winsup/cygwin/autoload.cc
index cbd2751c8..30bbec702 100644
--- a/winsup/cygwin/autoload.cc
+++ b/winsup/cygwin/autoload.cc
@@ -68,7 +68,7 @@ bool NO_COPY wsock_started;
   .long		0					\n\
   .long		-1					\n\
   .long		" #init_also "				\n\
-  .asciz	\"" #dllname "\"			\n\
+  .string16	\"" #dllname ".dll\"			\n\
   .text							\n\
   .set		" #dllname "_primed, 1			\n\
 .endif							\n\
@@ -186,7 +186,7 @@ struct dll_info
   HANDLE handle;
   LONG here;
   void (*init) ();
-  char name[];
+  WCHAR name[];
 };
 
 struct func_info
@@ -211,6 +211,7 @@ std_dll_init ()
   struct func_info *func = (struct func_info *) __builtin_return_address (0);
   struct dll_info *dll = func->dll;
   retchain ret;
+  WCHAR dll_path[MAX_PATH];
 
   if (InterlockedIncrement (&dll->here))
     do
@@ -223,7 +224,9 @@ std_dll_init ()
     {
       unsigned fpu_control = 0;
       __asm__ __volatile__ ("fnstcw %0": "=m" (fpu_control));
-      if ((h = LoadLibrary (dll->name)) != NULL)
+      /* http://www.microsoft.com/technet/security/advisory/2269637.mspx */
+      wcpcpy (wcpcpy (dll_path, windows_system_directory), dll->name);
+      if ((h = LoadLibraryW (dll_path)) != NULL)
 	{
 	  __asm__ __volatile__ ("fldcw %0": : "m" (fpu_control));
 	  dll->handle = h;
diff --git a/winsup/cygwin/dcrt0.cc b/winsup/cygwin/dcrt0.cc
index 5dfad7c10..12e84f42e 100644
--- a/winsup/cygwin/dcrt0.cc
+++ b/winsup/cygwin/dcrt0.cc
@@ -36,6 +36,7 @@ details. */
 #include "tls_pbuf.h"
 #include "exception.h"
 #include "cygxdr.h"
+#include "ntdll.h"
 
 #define MAX_AT_FILE_LEVEL 10
 
@@ -679,9 +680,23 @@ disable_dep ()
 }
 #endif
 
+/* Retrieve and store system directory for later use.  Note that the 
+   directory is stored with a trailing backslash! */
+static void
+init_windows_system_directory ()
+{
+  windows_system_directory_length =
+	GetSystemDirectoryW (windows_system_directory, MAX_PATH);
+  if (windows_system_directory_length == 0)
+    api_fatal ("can't find windows system directory");
+  windows_system_directory[windows_system_directory_length++] = L'\\';
+  windows_system_directory[windows_system_directory_length] = L'\0';
+}
+
 void __stdcall
 dll_crt0_0 ()
 {
+  init_windows_system_directory ();
   init_global_security ();
   initial_env ();
 
diff --git a/winsup/cygwin/exceptions.cc b/winsup/cygwin/exceptions.cc
index e904ff188..db18f7ae4 100644
--- a/winsup/cygwin/exceptions.cc
+++ b/winsup/cygwin/exceptions.cc
@@ -43,8 +43,6 @@ extern void sigdelayed ();
 extern child_info_spawn *chExeced;
 
 static BOOL WINAPI ctrl_c_handler (DWORD);
-static WCHAR windows_system_directory[1024];
-static size_t windows_system_directory_length;
 
 /* This is set to indicate that we have already exited.  */
 
@@ -1348,19 +1346,6 @@ void
 events_init ()
 {
   mask_sync.init ("mask_sync");
-  windows_system_directory[0] = L'\0';
-  GetSystemDirectoryW (windows_system_directory, sizeof (windows_system_directory) / sizeof (WCHAR) - 2);
-  PWCHAR end = wcschr (windows_system_directory, L'\0');
-  if (end == windows_system_directory)
-    api_fatal ("can't find windows system directory");
-  if (end[-1] != L'\\')
-    {
-      *end++ = L'\\';
-      *end = L'\0';
-    }
-  windows_system_directory_length = end - windows_system_directory;
-  debug_printf ("windows_system_directory '%W', windows_system_directory_length %d",
-		windows_system_directory, windows_system_directory_length);
 }
 
 void
diff --git a/winsup/cygwin/globals.cc b/winsup/cygwin/globals.cc
index c517a6233..b6d03e147 100644
--- a/winsup/cygwin/globals.cc
+++ b/winsup/cygwin/globals.cc
@@ -24,6 +24,8 @@ HANDLE NO_COPY hProcImpToken;
 HMODULE NO_COPY cygwin_hmodule;
 HANDLE hExeced;
 int NO_COPY sigExeced;
+WCHAR NO_COPY windows_system_directory[MAX_PATH];
+UINT NO_COPY windows_system_directory_length;
 
 /* program exit the program */
 
diff --git a/winsup/cygwin/net.cc b/winsup/cygwin/net.cc
index c0151e5b6..3e4e45bf4 100644
--- a/winsup/cygwin/net.cc
+++ b/winsup/cygwin/net.cc
@@ -4419,35 +4419,33 @@ static void
 load_ipv6_funcs ()
 {
   tmp_pathbuf tp;
-  PWCHAR lib_name = tp.w_get ();
-  size_t len;
+  PWCHAR lib_path = tp.w_get ();
+  PWCHAR lib_name;
   HMODULE lib;
 
   load_ipv6_guard.init ("klog_guard")->acquire ();
   if (ipv6_inited)
     goto out;
   WSAGetLastError ();	/* Kludge.  Enforce WSAStartup call. */
-  if (GetSystemDirectoryW (lib_name, NT_MAX_PATH))
+  lib_name = wcpcpy (lib_path, windows_system_directory);
+  wcpcpy (lib_name, L"ws2_32.dll");
+  if ((lib = LoadLibraryW (lib_path)))
     {
-      len = wcslen (lib_name);
-      wcpcpy (lib_name + len, L"\\ws2_32.dll");
-      if ((lib = LoadLibraryW (lib_name)))
-	{
-	  if (get_ipv6_funcs (lib))
-	    goto out;
-	  FreeLibrary (lib);
-	}
-      wcpcpy (lib_name + len, L"\\wship6.dll");
-      if ((lib = LoadLibraryW (lib_name)))
-	{
-	  if (get_ipv6_funcs (lib))
-	    goto out;
-	  FreeLibrary (lib);
-	}
-      freeaddrinfo = NULL;
-      getaddrinfo = NULL;
-      getnameinfo = NULL;
+      if (get_ipv6_funcs (lib))
+	goto out;
+      FreeLibrary (lib);
     }
+  wcpcpy (lib_name, L"wship6.dll");
+  if ((lib = LoadLibraryW (lib_path)))
+    {
+      if (get_ipv6_funcs (lib))
+	goto out;
+      FreeLibrary (lib);
+    }
+  freeaddrinfo = NULL;
+  getaddrinfo = NULL;
+  getnameinfo = NULL;
+
 out:
   ipv6_inited = true;
   load_ipv6_guard.release ();
diff --git a/winsup/cygwin/netdb.cc b/winsup/cygwin/netdb.cc
index bf03d1f56..3ac3d25eb 100644
--- a/winsup/cygwin/netdb.cc
+++ b/winsup/cygwin/netdb.cc
@@ -1,6 +1,6 @@
 /* netdb.cc: network database related routines.
 
-   Copyright 2002, 2003, 2007 Red Hat, Inc.
+   Copyright 2002, 2003, 2007, 2010 Red Hat, Inc.
 
 This file is part of Cygwin.
 
@@ -27,13 +27,11 @@ open_system_file (const char *relative_path)
   /* system dir path is never longer. */
   char win32_name[MAX_PATH];
 
-  if (!GetSystemDirectory (win32_name, MAX_PATH))
-    return NULL;
-  strcat (win32_name, "\\drivers\\etc\\");
+  sys_wcstombs (win32_name, MAX_PATH, windows_system_directory);
+  strcat (win32_name, "drivers\\etc\\");
   strcat (win32_name, relative_path);
-  debug_printf ("netdb file to open %s", win32_name);
   FILE *result = fopen (win32_name, "rt");
-  debug_printf ("handle to netdb file %p", result);
+  debug_printf ("handle to netdb file %s: %p", win32_name, result);
   return result;
 }