Displaying items by tag: malvuln

The idea of DLL hijacking is a well known one and one that is used by attackers to compromise security tools and even sophisticated anti-malware solutions. DLLs (Dynamic Link Library) are not much more than static files that sit idle on a system until loaded. These libraries contain information that is important to the operation of the program calling it. If an attacker can replace a DLL with one of their own that prevents or alters the operation of the calling program, they have successfully hijacked it. Because of the flexibility and shared nature of DLL they are an easy target.

Published in Security Talk