SANS Digital Forensics and Incident Response Blog: Tag - DLL

Digital Forensics Practitioners Take Note: MS DLL Hijacking

DLL Hijacking Issue Gets Out Of Band Fix / Work Around From Microsoft

This is not as simple for the bad guys to pull off as today's drive-by hacking exploits: successful exploitation requires that a user first be tricked into visiting an untrusted WebDAV server in the Internet Zone and then double-click on any type of file. This enables attackers to cause a malicious file to be executed on the user's PC.

Because this is not an enabler of traditional drive-by hacking, many dismissed the severity of this vulnerability. However, given the recent publication of a Microsoft Advisory, "Insecure Library Loading Could Allow Remote Code Execution," an initial workaround published last week and a new tool released

...