Although Microsoft has patched multiple DLL load hijacking vulnerabilities since last summer, Windows and Internet Explorer 9 (IE9) can still be exploited, a security company warned today.



From ComputerWorld:

Although Microsoft has patched multiple DLL load hijacking vulnerabilities since last summer, Windows and Internet Explorer 9 (IE9) can still be exploited, a security company warned today.

Microsoft confirmed that it's investigating the claims by Slovenia-based Acros Security.

Researchers from Acros will demonstrate the new attacks at the Hack in the Box security conference in Amsterdam later this month.

  Unpatched DLL bugs let hackers exploit Windows 7 and IE9, says researcher