Windows DLL exploits boom

From InfoWorld: Some of the world's most popular Windows programs are vulnerable to a major bug in how they load critical code libraries, according to sites tracking attack code.

Among the Windows applications that can be exploited using a systemic bug that many have dubbed "DLL load hijacking," are the Firefox, Chrome, Safari and Opera browsers; Microsoft's Word 2007; Adobe's Photoshop; Skype; and the uTorrent BitTorrent client.

"Fast and furious, incredibly fast," said Andrew Storms, director of security operations for nCircle Security, referring to the pace of exploit postings for the vulnerability in Windows software called "DLL load hijacking" by some, "binary planting" by others.

On Monday, Microsoft confirmed reports of unpatched vulnerabilities in a large number of Windows programs, then published a tool it said would block known attacks. The flaws stem from the way many Windows applications call code libraries -- dubbed "dynamic-link library," or "DLL" -- that give hackers wiggle room they can exploit by tricking an application into loading a malicious file with the same name as a required DLL.

If attackers can dupe users into visiting malicious websites or remote shares, or get them to plug in a USB drive -- and in some cases con them into opening a file -- they can hijack a PC and plant malware on it.

View: Article @ Source Site