Initially identified fifteen years ago, and clearly articulated by a Microsoft Security Advisory, DLL hijacking is the practice of having a vulnerable application load a malicious library (allowing for the execution of arbitrary code), rather than the legitimate library by placing it at a preferential location as dictated by the Dynamic-Link Library Search Order which is a pre-defined standard on how Microsoft Windows searches for a DLL when the path has not been specified by the developer.
Despite published advice on secure development practices to mitigate this threat, being available for several years, this still remains a problem
more here...........http://digital-forensics.sans.org/blog/category/incident-response
Despite published advice on secure development practices to mitigate this threat, being available for several years, this still remains a problem
more here...........http://digital-forensics.sans.org/blog/category/incident-response