A new DLL search order hijacking technique, according to incident response firm Security Joes, enables adversaries to load and execute malicious code in applications located in the WinSxS folder of Windows.
DLL search order hijacking typically targets programs that rely on a predetermined search order to find required libraries or files rather than providing the full path. Attackers insert a malicious DLL so that it loads before the legitimate library the application requires in a folder that is prioritized in the search order, usually in the working directory of the application.
In certain cases, the attackers additionally remove a valid application that is susceptible to abuse in order to load DLLs.
Read More: New DLL Search Order Hijacking Technique Targets WinSxS Folder
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.