Microsoft Unveils Workaround for Remote DLL Attacks

by Brandon Dimmel on 20100825 @ 10:29PM EST | google it | send to friends
Filed under Business | Microsoft | (related terms: microsoft, link library files, windows, dlls dynamic, remotely)

Microsoft has addressed a vulnerability affecting the way certain Windows programs load DLLs (dynamic link library files). It has done so by releasing an advisory that explains how to avoid being exploited by hackers.

Although the flaw was only recently reported, it's a variation of a decade-old issue affecting DLLs. Dynamic link library files are commonly shared amongst multiple Windows programs and are typically included inside Windows setup / install programs.

The exploit works like this: if a hacker is able to convince a user into opening a file, they can force a program to load a malicious DLL created by the attacker.

DLL Attacks Now Executed Remotely

In older instances where this kind of attack was used, the malicious file had to be located on a local system. The recent change to this model is that now attackers can exploit a network or server remotely. (Source: pcmag.com)

As complaints surrounding this issue emerged years ago, Microsoft was able to adjust the way DLLs were loaded and limit the chance of an attack. However, Microsoft did not create a solution that completely eliminated the threat, which has allowed hackers to slowly adapt.

Microsoft's reason for not completely fixing the problem was simple: it feared such a move would cause too many incompatibility issues across too many systems.

Complex Workaround Now Available

The company has released an advisory and workaround to prevent people from getting attacked remotely.

Microsoft recommends developers follow closely follow security procedures as described on MSDN (Microsoft Developer Network), and for administrators it says a solution is to block TCP ports 139 and 445 at the firewall level while disabling the WebClient service temporarily.

Because the workaround will not solve the issue permanently, Microsoft says it is working with security experts to devise a plan that will defeat this nagging problem once and for all.

"We are currently conducting a thorough investigation into how this new vector may affect Microsoft products," said Christopher Budd, Microsoft senior security response communications manager. (Source: pcworld.com)

Stay Informed: Subscribe Free to Infopackets, Today! Get your daily fix of Microsoft Windows news, reviews, tech tips, plus free software (freeware) goodies daily -- all absolutely free -- delivered straight to your email inbox! Bonus: join our website today and you'll also receive our highly coveted Top 10 Tech Reports, including: Top 10 PC Security Essentials, Windows Optimization Secrets, Top Freeware Antivirus, MS Office alternatives and more. Don't delay: subscribe today! Click here for more info.

Infopackets Game of the Week

Secrets of the Dark: Eclipse Mountain Collector's Edition

Click here to read more.

Most Clicked Stories
(In the Past 15 Days)

Freebies

Subscription Center

Recommended Sites

DownloadMix.com: More Freeware + Shareware

About

Established in 2001 and read by over 250,000 users world-wide, infopackets features the latest in headline news based on MS Windows, Internet, and technology trends. Subscription to our website is free! Join our discussion list, today!