MS.Windows.Insecure.Library.Loading.Code.Execution
Description
This indicates a possible attack against a remote code execution vulnerability in Microsoft Windows applications in the way the applications load external libraries.
When the vulnerable application loads a DLL file without specifying a fully qualified path name, Windows will try to locate the DLL by searching a defined set of directories which could lead to arbitrary code execution.
Affected Products
Microsoft Windows system with webclient service on
Impact
System compromise
Recommended Actions
Refer to the vendor's advisory:
http://www.microsoft.com/technet/security/advisory/2269637.mspx
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |