The “new” Insecure Library Loading vulnerability (2269637) in action… The Metasploit team has added a exploit module for this vulnerability. Check it out.
Vi o video, e achei muito legal.
Microsoft DLL Hijacking Exploit in Action
A M$ por sua vez, respondeu desta forma
Microsoft on Monday responded to reports of potential zero-day attacks against a large number of Windows programs by publishing a tool it said would block known exploits.
However, the company declined to confirm whether any of its own applications are vulnerable, saying that it is currently investigating Microsoft-made software.
Monday's security advisory was its first public reaction to a wave of reports from researchers that developers have left a large number of Windows programs open to attack.
Many Windows applications don't call code libraries -- dubbed "dynamic-link library," or "DLL" -- using the full pathname, but instead use only the filename, giving hackers wiggle room. Criminals can exploit that by tricking the application into loading a malicious file with the same name as the required DLL. The result: Hackers can hijack the PC and plant malware on the machine.
Mais: Microsoft releases tool to block DLL load hijacking attacks - Computerworld
There are currently 1 users browsing this thread. (0 members and 1 guests)