Intrusion Prevention

DLL.Hijacking

Description

This indicates an attempt to exploit a DLL Hijacking vulnerability in some Windows software.
The vulnerability is caused by unsafe DLL loading paths used by some software. By planting a malicious DLL with a specific name on a network share and getting the user to open a media file from this network location using vulnerable software, a remote attacker can execute arbitrary code on vulnerable system.

Affected Products

Windows software with unsafe DLL loading.

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Refer to the vendor's web site for a suggested workaround.
http://www.microsoft.com/technet/security/advisory/2269637.mspx