Microsoft started the week by announcing a hotfix for a continued problem some users complained about, only to find a day later another issue related to the DLL-loading security flaw that could threaten hundreds of programs. The flaws leave millions of Windows OS users exposed to possible remote executed hacker attacks.
Last week, a Windows-based Apple iTunes flaw was discovered by HD Moore, and a message posted on Twitter informed users of the new security problem. Since then, the problem has only gotten worse.
On Monday, Microsoft released a new "Security Advisory" that addressed the DLL preloading attack problem, saying the problem is "caused by applications passing an insufficiently qualified path when loading an external library."
For this particular issue to work, users need to access a remote file system and then open a document from the file system. Microsoft's solution involves using a hotfix that is able to modify the DLL search path algorithm to prevent any remote file system and WebDAV share problems.
The new "binary planting" and "DLL loading hijacking" attacks that popped up a day after the first issue continue to gain steam as numerous exploits are now being taken advantage of over the Internet. Security experts are also watching to see how many exploits they can detect before it’s too late.
Once Microsoft is able to study the problem, a full list of vulnerable apps will be collected and published by security experts. So far, PowerPoint 2010, Office 2010, Windows Live Mail, uTorrent, and other popular Windows programs have been identified as containing the flaw, while the list continues to grow larger.
Microsoft has long been a popular target among hackers looking for potential security flaws and security holes that they can exploit. Acros Security confirmed problems with Windows Program Manager Group Converter and Windows Address Book/Windows Contacts -- but many other Windows applications are also affected.
Let's hope that Microsoft swiftly releases a Windows update that can close the hole and protect users from the malicious code that is now exploiting these flaws.
