Published:
2018/05/17
Last Updated:
2018/05/17
Information from Microsoft Japan Co.,Ltd.
Vulnerability ID:JVN#72748502
Title:Self-Extracting Archive files created by IExpress may insecurely load Dynamic Link Libraries
Status:Vulnerable
This is a statement from the vendor itself with no modification by JPCERT/CC.
How Microsoft will respond to DLL planting issues is explained in the following blog article.
Triaging a DLL planting vulnerability
https://blogs.technet.microsoft.com/srd/2018/04/04/triaging-a-dll-planting-vulnerability/
