Saturday, September 11, 2010

Windows DLL Hijack Vulnerability Affects Exe Files As Well

The recently discovered DLL hijack vulnerability in Windows appears to be more critical than thought. Up until now it was confirmed that Windows would load dlls from the current working directory if they cannot be found in directories with a higher search priority. This in turn meant that attackers had to use a dll unknown on the system to exploit the vulnerability. Users who want a confirmed list of Windows programs that are affected by the DLL vulnerability can visit Secunia for that. At the time of writing, a total of 123 different applications by 47 vendors are affected.
Windows DLL Hijack Vulnerability Affects Exe Files As Well

No comments: