Microsoft DLL Pre-loading ‘Fix-It’ Released

Microsoft has released a Fix-It tool to help mitigate the DLL pre-load remote code execution issue.  The flaw, publicly discussed by Metasploit’s HD Moore and others, affects hundreds of Windows applications and requires separate patches for each affected product.  Details emerge on new DLL load hijacking Windows attack vector.  According to this unofficial list of affected software, vendors affected includes Microsoft, Adobe, Apple, Cisco, Citrix, Google, Mozilla and Nokia.

ZdNet

Advertisements