Microsoft (NASDAQ: MSFT) has issued a security advisory on a 10-year-old problem with implications for existing Windows-based systems, including widely-installed software like iTunes. The root of the problem stems from how some applications load DLL (Dynamic link library) files without properly specifying a path. This potentially allows an attacker to load malware by mirroring the filenames of legitimate DLLs, which will be executed with the same privileges as the application.

At that time, Microsoft made changes to how DLLs are loaded in order to mitigate the problem. This includes the creation of certain programming calls that developers can leverage to prevent this possibility. The new twist here has to do with how similar attacks can apparently be pulled off remotely for applications that do not load external libraries in a secure manner.

This list of applications that are vulnerable to the problem of remote DLLs is apparently not a short one either. According to HD Moore, the creator of the Metasploit penetration testing tool, at least 40 Windows applications were tested by him to be vulnerable. Moore has added the test for this particular vulnerability into Metasploit to enable administrators to audit their systems.

For now, Microsoft has released a number of workarounds for administrators. This ranges from blocking TCP ports 139 and 145 at the firewall, to modifying the registry to completely disable the loading of DLLs from remote directories.

For more on this story:
- check out this article at CNET News
- check out this article at PCMag Blogs
- check out this article at Computerworld
- check out this article at Redmondmag.com

Related Articles:
Windows 7 could surpass XP in the enterprise by 2012
Microsoft to issue record number of security bulletins next Tuesday
Microsoft to focus on the cloud
Microsoft releases temporary workaround for Windows Shell flaw
Microsoft (NASDAQ: MSFT) Earnings Q4 2010