IT Trenches

Aug 24 2010   8:01PM GMT

Whak-a-mole testing for Microsoft DLL exploit

Troy Tate Profile: Troy Tate

HD Moore of Metasploit fame has created a tool to identify applications which exhibit the DLL hijack flaw about which Microsoft recently released a security advisory. This tool in HD Moore’s own words

will turn a desktop PC into a game of whack-a-mole by launching the file handlers for every registered file type, while recording whether or not a DLL was accessed within the working directory of the associated file.

To find out more about this DLL hijack exploit test kit and to get the tool see HD’s blog.

This could be a serious issue so I am waiting to see what develops out here now that Metasploit has released a working exploit plugin also.

What are your thoughts on this vulnerability? Do you have Windows developers which may have created risks for your organization by poor development practices? Let me and other ITKE readers know about your experiences with this vulnerability and if you have used the DLL hijack exploit test tool and how your testing went. Thanks for reading and let’s continue to be good network citizens!

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: