Security Experts Warn Of DLL Flaw Exploitation

Security experts have voiced their concern over the recently surfaced exploit code for the DLL loading snag that reportedly affects hundreds of Windows applications.

The experts believe that the code will soon be exploited by hackers to launch attacks worldwide.

Andre Storms, director of security operations at nCircle, said: “Once it makes it into Metasploit, it doesn't take much more to execute an attack. The hard part has already been done for [hackers].”

Storms was pointing to the release of exploit code by HD Moore, the originator of the open source hacking toolkit MetaSploit. Moore also released an auditing tool that doles out information about the vulnerable applications.

Describing the kind of impact the auditing tool and the MetaSploit could have, security expert Wolfgang Kandek, CTO at Qualys, said: “With it in Metasploit, people will definitely be looking at these [vulnerabilities].”

“They gain a lot of visibility once in Metasploit, and I'd expect to see some kind of public exploit in the next couple of weeks”, he added.

According to the reports, developers have misused a critical function of Windows, making a significant number Windows programs vulnerable to malicious intrusions.