Posted by Stefan Kanthak on Dec 21
Hi @ll,
in <http://seclists.org/fulldisclosure/2015/Nov/101> I showed
general mitigations for DLL hijacking via runtime dependencies
(<https://msdn.microsoft.com/en-us/library/ms685090.aspx>).
DLL hijacking is but also possible via load-time dependencies
(<https://msdn.microsoft.com/en-us/library/ms684184.aspx>)!
Example:
Quite some executable installers use the function timeGetTime()
(<…