PATH or DLL preloading remote attack vector 'Best Practices & Tools', Microsoft SA 2269637

Microsoft Security Advisory 2269637 is an official guidance in response to security research that has outlined a new, remote vector for a well-known class of vulnerabilities, known as DLL preloading or "binary planting" attacks," informs Microsoft."PATH or DLL preloading attacks have so far required attacker to plant the malicious library on local client system. Because […]

Microsoft Security Advisory 2269637 is an official guidance in response to security research that has outlined a new, remote vector for a well-known class of vulnerabilities, known as DLL preloading or "binary planting" attacks," informs Microsoft.

"PATH or DLL preloading attacks have so far required attacker to plant the malicious library on local client system. Because this's a new vector, rather than a new class of vulnerability, existing best practices that protect against this class of vulnerability, automatically protect against this new vector: ensuring that apps make calls to trusted libraries using full path names. Additionally, KB2264107 offers for download a tool that allows customers to selectively change the library loading behavior, either system-wide or for specific apps."

More Info: SRD blog