Published: 2010-09-12T03:51+00:00    Last Updated: 2011-03-13T15:53+00:00

JVNTR-2010-23
Microsoft Windows Insecurely Loads Dynamic Libraries (TA10-238A)

Overview

Due to the way Microsoft Windows loads dynamically linked libraries (DLLs), an application may load an attacker-supplied DLL instead of the legitimate one, resulting in the execution of arbitrary code.

Event Information


Date (UTC)Description
2011-03-08 19:28 Microsoft
ms11-mar: Microsoft Security Bulletin Summary for March 2011
Security Update (MS11-015, CVE-2011-003) released.
Security Update (MS11-016, CVE-2010-3146) released.
Security Update (MS11-017, CVE-2011-0029) released.
2011-02-08 18:16 Microsoft
ms11-feb: Microsoft Security Bulletin Summary for February 2011
Security Update (MS11-003, CVE-2011-0038) released.
2011-01-12 18:07 Microsoft
ms11-jan: Microsoft Security Bulletin Summary for January 2011
Security Update (MS11-001, CVE-2010-3145) released.
2010-12-14 19:13 Microsoft
ms10-dec: Microsoft Security Bulletin Summary for December 2010
Security Update (MS10-093, CVE-2010-3967) released.
Security Update (MS10-094, CVE-2010-3965) released.
Security Update (MS10-095, CVE-2010-3966) released.
Security Update (MS10-096, CVE-2010-3147) released.
Security Update (MS10-097, CVE-2010-3144) released.
2010-11-04 Adobe
APSB10-26: Security update available for Adobe Flash Player
Security Update (CVE-2010-3976) released.: Flash Player 10.1.102.64/9.0.289.0
2010-10-20 Mozilla Foundation
MFSA 2010-71: Unsafe library loading vulnerabilities
Security Update (CVE-2010-3181,CVE-2010-3182) released.: Firefox 3.6.11/3.5.14, Thunderbird 3.1.5/3.0.9
2010-10-18 Adobe
APSB10-24: Security update available for InDesign
Security Update (CVE-2010-3153) released.: InDesign CS5 7.0.3/CS4 6.0.6, InDesign Server CS5 7.0.3, InCopy CS5 7.0.3/CS4 6.0.6
2010-09-15 Apple
HT4339: About the security content of QuickTime 7.6.8
Security Update (CVE-2010-1819) released.: QuickTime 7.6.8
2010-09-07 Mozilla Foundation
MFSA 2010-52: Windows XP DLL loading vulnerability
Security Update (CVE-2010-3131) released.: Firefox 3.6.9/3.5.12, Thunderbird 3.1.3/3.0.7
2010-09-01 14:27 US-CERT
Insecure Loading of Dynamic Link Libraries in Windows Applications
US-CERT Current Activity
Public notification for "Workaround (Fix it 50522) ".
2010-08-31 23:21 Microsoft
Microsoft Security Advisory (2269637): Insecure Library Loading Could Allow Remote Code Execution
Fix it (Disable loading of libraries from WebDAV and remote network shares) released.
2010-08-26 20:40 US-CERT
TA10-238A: Microsoft Windows Insecurely Loads Dynamic Libraries
Technical Cyber Security Alert publised via US-CERT Mailing List.
Public notification for "Microsoft Windows based applications may insecurely load dynamic libraries"
2010-08-25 16:01 US-CERT
Insecure Loading of Dynamic Link Libraries in Windows Applications
US-CERT Current Activity
Public notification for "Security Advisory (VU#707943) ".
2010-08-25 06:44 Metasploit Project
Better, Faster, Stronger: DLLHijackAuditKit v2
DLLHijackAuditKit V2 released.
2010-08-25 Exploit-Database
DLL Hijacking - Vulnerable Applications
Public notification for "Microsoft Windows based applications may insecurely load dynamic libraries"
2010-08-24 00:19 Microsoft
Microsoft Security Advisory (2269637): Insecure Library Loading Could Allow Remote Code Execution
Security Advisory (2269637) published.
2010-08-23 05:48 Metasploit Project
Exploiting DLL Hijacking Flaws
DLLHijackAuditKit released.
2010-08-23 SANS Internet Storm Center
DLL hijacking vulnerabilities
Vulnerability information and Audit tool have been circulated in-the-wild.
2010-08-18 15:05 ACROS
ASPR #2010-08-18-1-PUB: Remote Binary Planting in Apple iTunes for Windows
Security Advisory (CVE-2010-1795) published.
2010-08-12 Apple
HT4105: About the security content of iTunes 9.1
Security Update (CVE-2010-1795) released.: iTunes 9.1
2010-04-12 16:51 ACROS
ASPR #2010-04-12-1-PUB: Remote Binary Planting in VMware Tools for Windows
Security Advisory (CVE-2010-1141) published.
2010-03-30 VMware
VMSA-2010-0007: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues
Security Update (CVE-2010-1141) released.
2010-01-31 University of California, Davis campus
CSE-2010-2.pdf: Automatic Detection of Vulnerable Dynamic Component Loadings
Technical report posted to Web site.
2004-09-02 Microsoft
Dynamic-Link Library Search Order
Windows XP SP2 SafeDllSearchMode (DLL search mode is enabled by default) released.
2003-07-03 Microsoft
Dynamic-Link Library Search Order
Windows 2000 SP4 SafeDllSearchMode (Safe DLL search mode is disabled by default) released.
2001-11-16 Microsoft
Dynamic-Link Library Search Order
Windows XP SafeDllSearchMode (Safe DLL search mode is disabled by default) released.
2000-09-18 Georgi Guninski
Georgi Guninski security advisory #21, 2000 : Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases
Vulnerability proof-of-concept code posted to Web site.