A flaw in the way Windows handles DLL (dynamic-link library) and related files likely affects hundreds of applications and has already been used in malicious attacks in the wild, a security researcher said on Tuesday.
Microsoft acknowledged in an advisory on Monday
a type of attack mechanism known as DLL preloading, or binary planting and said that while it is not new it does have a new remote-attack vector. Malicious code can now be planted on a network share instead of just on a local system, making it much easier to attack vulnerable systems by duping people into clicking on malicious Web links or opening malicious documents.
Now, the Exploit-db.com
exploit database is getting flooded with submissions of applications that people say are vulnerable, including Windows Live Mail, Windows Movie Maker, Microsoft PowerPoint 2010, Office 2007
, and non-Microsoft applications like Firefox 3.6.8
, Foxit Reader, Wireshark and uTorrent, said Mati Aharoni, founder of security firm Offensive Security
, which runs the exploit database.