Almost no resp. only some mitigation(s) for "DLL hijacking" via load-time dependencies

Posted by Stefan Kanthak on Dec 21

Hi @ll,

in <http://seclists.org/fulldisclosure/2015/Nov/101> I showed
general mitigations for DLL hijacking via runtime dependencies
(<https://msdn.microsoft.com/en-us/library/ms685090.aspx>).

DLL hijacking is but also possible via load-time dependencies
(<https://msdn.microsoft.com/en-us/library/ms684184.aspx>)!

Example:

Quite some executable installers use the function timeGetTime()
(<…

Leave a Reply