Published: 2010-09-12T03:51+00:00
Last Updated: 2011-03-13T15:53+00:00
JVNTR-2010-23
Microsoft Windows Insecurely Loads Dynamic Libraries (TA10-238A)
Overview
Due to the way Microsoft Windows loads dynamically linked libraries (DLLs), an application may load an attacker-supplied DLL instead of the legitimate one, resulting in the execution of arbitrary code.
Event Information
Date (UTC) | Description |
2011-03-08 19:28 | Microsoft ms11-mar: Microsoft Security Bulletin Summary for March 2011 Security Update (MS11-015, CVE-2011-003) released. Security Update (MS11-016, CVE-2010-3146) released. Security Update (MS11-017, CVE-2011-0029) released. |
2011-02-08 18:16 | Microsoft ms11-feb: Microsoft Security Bulletin Summary for February 2011 Security Update (MS11-003, CVE-2011-0038) released. |
2011-01-12 18:07 | Microsoft ms11-jan: Microsoft Security Bulletin Summary for January 2011 Security Update (MS11-001, CVE-2010-3145) released. |
2010-12-14 19:13 | Microsoft ms10-dec: Microsoft Security Bulletin Summary for December 2010 Security Update (MS10-093, CVE-2010-3967) released. Security Update (MS10-094, CVE-2010-3965) released. Security Update (MS10-095, CVE-2010-3966) released. Security Update (MS10-096, CVE-2010-3147) released. Security Update (MS10-097, CVE-2010-3144) released. |
2010-11-04 | Adobe APSB10-26: Security update available for Adobe Flash Player Security Update (CVE-2010-3976) released: Flash Player 10.1.102.64/9.0.289.0 |
2010-10-20 | Mozilla Foundation MFSA 2010-71: Unsafe library loading vulnerabilities Security Update (CVE-2010-3181, CVE-2010-3182) released: Firefox 3.6.11/3.5.14, Thunderbird 3.1.5/3.0.9 |
2010-10-18 | Adobe APSB10-24: Security update available for InDesign Security Update (CVE-2010-3153) released: InDesign CS5 7.0.3/CS4 6.0.6, InDesign Server CS5 7.0.3, InCopy CS5 7.0.3/CS4 6.0.6 |
2010-09-15 | Apple HT4339: About the security content of QuickTime 7.6.8 Security Update (CVE-2010-1819) released: QuickTime 7.6.8 |
2010-09-07 | Mozilla Foundation MFSA 2010-52: Windows XP DLL loading vulnerability Security Update (CVE-2010-3131) released: Firefox 3.6.9/3.5.12, Thunderbird 3.1.3/3.0.7 |
2010-09-01 14:27 | US-CERT Insecure Loading of Dynamic Link Libraries in Windows Applications US-CERT Current Activity Public notification for "Workaround (Fix it 50522)". |
2010-08-31 23:21 | Microsoft Microsoft Security Advisory (2269637): Insecure Library Loading Could Allow Remote Code Execution Fix it (Disable loading of libraries from WebDAV and remote network shares) released. |
2010-08-26 20:40 | US-CERT TA10-238A: Microsoft Windows Insecurely Loads Dynamic Libraries Technical Cyber Security Alert published via US-CERT Mailing List. Public notification for "Microsoft Windows based applications may insecurely load dynamic libraries" |
2010-08-25 16:01 | US-CERT Insecure Loading of Dynamic Link Libraries in Windows Applications US-CERT Current Activity Public notification for "Security Advisory (VU#707943)". |
2010-08-25 06:44 | Metasploit Project Better, Faster, Stronger: DLLHijackAuditKit v2 DLLHijackAuditKit V2 released. |
2010-08-25 | Exploit-Database DLL Hijacking - Vulnerable Applications Public notification for "Microsoft Windows based applications may insecurely load dynamic libraries" |
2010-08-24 00:19 | Microsoft Microsoft Security Advisory (2269637): Insecure Library Loading Could Allow Remote Code Execution Security Advisory (2269637) published. |
2010-08-23 05:48 | Metasploit Project Exploiting DLL Hijacking Flaws DLLHijackAuditKit released. |
2010-08-23 | SANS Internet Storm Center DLL hijacking vulnerabilities Vulnerability information and Audit tool have been circulated in-the-wild. |
2010-08-18 15:05 | ACROS ASPR #2010-08-18-1-PUB: Remote Binary Planting in Apple iTunes for Windows Security Advisory (CVE-2010-1795) published. |
2010-08-12 | Apple HT4105: About the security content of iTunes 9.1 Security Update (CVE-2010-1795) released: iTunes 9.1 |
2010-04-12 16:51 | ACROS ASPR #2010-04-12-1-PUB: Remote Binary Planting in VMware Tools for Windows Security Advisory (CVE-2010-1141) published. |
2010-03-30 | VMware VMSA-2010-0007: VMware hosted products, vCenter Server and ESX patches resolve multiple security issues Security Update (CVE-2010-1141) released. |
2010-01-31 | University of California, Davis campus CSE-2010-2.pdf: Automatic Detection of Vulnerable Dynamic Component Loadings Technical report posted to Web site. |
2004-09-02 | Microsoft Dynamic-Link Library Search Order Windows XP SP2 SafeDllSearchMode (DLL search mode is enabled by default) released. |
2003-07-03 | Microsoft Dynamic-Link Library Search Order Windows 2000 SP4 SafeDllSearchMode (Safe DLL search mode is disabled by default) released. |
2001-11-16 | Microsoft Dynamic-Link Library Search Order Windows XP SafeDllSearchMode (Safe DLL search mode is disabled by default) released. |
2000-09-18 | Georgi Guninski Georgi Guninski security advisory #21, 2000: Double clicking on MS Office documents from Windows Explorer may execute arbitrary programs in some cases Vulnerability proof-of-concept code posted to Web site. |