Avoiding DLL Hijacks

I’ve come up with two common-sense ideas for avoiding DLL Hijack attacks.

Nothing high-tech or fancy. No Registry changes that may break other apps. Just two simple tricks that will break every DLL Hijack exploit that I’ve seen to date.

This is important because the number of reported DLL Hijack-able applications is hovering around 100, and it’ll go higher. If you run any of those apps – Word 2007 and PowerPoint 2007 and 2010 are among them – you’re susceptible to having your machine taken over by simply opening a file. Microsoft isn’t going to fix Windows to block the attacks – they can’t; the hole arises from a feature that’s part and parcel of the way Windows has worked from the beginning. The only way things will get better is when application manufacturers clean up their code. (And, yes, Microsoft is one of the companies with apps that exhibit exploitable behavior.)

If you didn’t catch my original explanation of the DLL Hijack technique, start with my Infoworld Tech Watch article on the basics. Then to see how to protect yourself in two easy steps, see my Tech Watch article How to thwart the new DLL hijacks.

DLL hijacking

If you’re wondering what all the fuss is about, check out my Infoworld Tech Watch article.

The sky isn’t falling, but the bad guys just got a potent new weapon.