ITPRO

Printed from www.itpro.co.uk

Register to receive our regular email newsletter at http://www.itpro.co.uk/reg/register.

The newsletter contains links to our latest IT news, product reviews, features and how-to guides, plus special offers and competitions.

Skip to navigation

    Windows apps may succumb to DLL exploit

A DLL hijack is now available in toolkit form.

By Eric Doyle, 24 Aug 2010 at 11:13

DLL exploit
DLL exploit gallery

Hundreds of Windows applications could be at greater risk now exploit code for a dynamic link library (DLL) hijack vulnerability is openly available.

Code for launching an attack has been added to Metasploit, an open-source hacking toolkit. Also, an auditing tool that checks for and records information about vulnerable applications is now available.

Security experts have claimed it will not be long before attacks start to appear, but it does require a chain of events to work.

If an attacker could trick a user into opening a harmless executable file from the current directory, it could load a corrupted DLL created by the attacker and stored in the same directory. This directory could be a USB drive, an extracted archive or a remote network share.

The vulnerability has been known about for well over a decade but it has become more dangerous as removable storage and web-based applications have appeared. Originally, the DLL would had to have been stored on the local system.

The reason it had not been fixed was it was seen as bad programming rather than a Windows flaw. Microsoft did make changes, however, to the default DLL loading order so that other directories were checked for the file first rather than the current directory.

Microsoft issued an advisory on Monday confirming there was a security issue and offering advice. It has created a special registry key that programs can access to eliminate the problem. The company will also be looking for vulnerable applications and helping developers to eliminate risks.

Email to a friend

Print this page

< Previous   Security : News Next >
BYOD; get advice on managing mobile devices in your organisation

Office 365: A complete Guide

Be the first to comment on this article

You need to Login or Register to comment.

    You may also like...

 Sponsored Links

advertisement

    You may also like...

    Latest Security Analysis & Insight

passwords

What is your password worth?

Would you be tempted to sell off company passwords for a fee? If not, seems like you're in the minority, acccording to research.

Read more

 

More Security Analysis & Insight

    Latest Security Reviews

Check Point 2210 Appliance

Check Point 2210 Appliance review

Rating: 4

Check Point's new 2200 Appliances combined enterprise level network security with an SMB price tag. Its software blades provide a wealth of features, but do they complicate deployment? Read this exclusive review to find out.

Read more

 

More Security Reviews

advertisement

    Most popular

    Latest News Videos in Security

Data protection

IT PRO Podcast: Are UK data protection laws flawed?

Play IT PRO Podcast: Are UK data protection laws flawed?   Play

We bring in two experts to talk about the problems with UK data protection law and the way it is managed.

 

    Register for IT PRO

You'll get exclusive member benefits including free whitepapers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.

Register
Sponsored Links
Advertisement