Intrusion Prevention



This indicates an attempt to exploit a DLL Hijacking vulnerability in some Windows software.
The vulnerability is caused by unsafe DLL loading paths used by some software. By planting a malicious DLL with a specific name on a network share and getting the user to open a media file from this network location using vulnerable software, a remote attacker can execute arbitrary code on vulnerable system.

Affected Products

Windows software with unsafe DLL loading.


System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Refer to the vendor's web site for a suggested workaround.