Microsoft acknowledged in an advisory on Monday a type of attack mechanism known as DLL preloading, or binary planting and said that while it is not new it does have a new remote-attack vector. Malicious code can now be planted on a network share instead of just on a local system, making it much easier to attack vulnerable systems by duping people into clicking on malicious Web links or opening malicious documents.More info at CNET.
Security firm Acros disclosed the issue last week after finding that it affects iTunes, and Rapid7 Chief Technology Officer HD Moore published additional information about it this week here and here. Moore, creator of the Metasploit database and framework, also released a tool to test whether applications are vulnerable.
Windows DLL security flaw impacts hundreds of applications
Posted on Wednesday, August 25 2010 @ 18:02 CEST by Thomas De Maesschalck