Microsoft “DLL Preloading” Security Advisory Released

Microsoft has released Security Advisory 2269637.  This advisory is different from most others as it’s not directly related to specific vulnerabilities in Microsoft products.   This is their official guidance in response to recently released security research that outlined a new, remote vector for a well-known class of vulnerabilities known as DLL preloading or “binary planting” attacks, as well as a mitigation strategy against exploitation of this vulnerability in the form of a tool that can be configured to disable the loading of libraries from network shares.  Microsoft is also currently conducting a thorough investigation into how this new vector may affect their products.

Microsoft TechNet Blog

Advertisements

One thought on “Microsoft “DLL Preloading” Security Advisory Released

  1. Pingback: Microsoft “DLL Preloading” Security Advisory Released — National Cyber Security National Cyber Security

Comments are closed.