The fallout for DLL exploits is growing, as newly published research shows that binary planting bugs are not limited to Microsoft programs alone.
According to recently published lists, programs such as Mozilla Firefox and Adobe Photoshop have been added to the increasing number of vulnerable DLL applications that include Microsoft Word 2007, Microsoft Office Visio 2003, and Microsoft Office PowerPoint 2010. The DLL bugs, Microsoft says, are caused by applications passing an insufficiently qualified path when loading an external library. Of the 520 DLL exploits found by researchers at Acros Security, most were DLL file loading issues. The rest were due to insecure loading of executables such as exe. and .com files.
In a recent video post, CoreTrace’s Greg Valentine demonstrates how the base operating system is susceptible to the DLL hijack vulnerability, and how application whitelisting protects systems by blocking all attempts made by PowerPoint to execute corrupt DLL files.
With application developers still the ones responsible for fixing affected applications, one of the biggest challenges organizations face is knowing the number of applications that are potentially vulnerable to DLL bugs. On the other hand, networks protected by whitelisting solutions such as BOUNCER by CoreTrace aren’t hit with the extra time and resources needed to research and clean up applications impacted by malicious DLL files.