The “new” Insecure Library Loading vulnerability (2269637) in action… The Metasploit team has added a exploit module for this vulnerability. Check it out.

Vi o video, e achei muito legal.
Microsoft DLL Hijacking Exploit in Action

A M$ por sua vez, respondeu desta forma
Microsoft on Monday responded to reports of potential zero-day attacks against a large number of Windows programs by publishing a tool it said would block known exploits.

However, the company declined to confirm whether any of its own applications are vulnerable, saying that it is currently investigating Microsoft-made software.

Monday's security advisory was its first public reaction to a wave of reports from researchers that developers have left a large number of Windows programs open to attack.

Many Windows applications don't call code libraries -- dubbed "dynamic-link library," or "DLL" -- using the full pathname, but instead use only the filename, giving hackers wiggle room. Criminals can exploit that by tricking the application into loading a malicious file with the same name as the required DLL. The result: Hackers can hijack the PC and plant malware on the machine.

Mais: Microsoft releases tool to block DLL load hijacking attacks - Computerworld


Mais: