DLL.Hijacking
Description
This indicates an attempt to exploit a DLL Hijacking vulnerability in some Windows software.
The vulnerability is caused by unsafe DLL loading paths used by some software. By planting a malicious DLL with a specific name on a network share and getting the user to open a media file from this network location using vulnerable software, a remote attacker can execute arbitrary code on vulnerable system.
Affected Products
Windows software with unsafe DLL loading.
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Refer to the vendor's web site for a suggested workaround.
http://www.microsoft.com/technet/security/advisory/2269637.mspx
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |