MS.Windows.Insecure.Library.Loading.Code.Execution

Release Date Aug 27, 2010
Severity critical
Impact System compromise
Description This indicates a possible attack against a remote code execution vulnerability in Microsoft Windows applications in the way the applications load external libraries. When the vulnerable application loads a DLL file without specifying a fully qualified path name, Windows will try to locate the DLL by searching a defined set of directories which could lead to arbitrary code execution.
Affected Products Microsoft Windows system with webclient service on
Recommended Actions Refer to the vendor's advisory: http://www.microsoft.com/technet/security/advisory/2269637.mspx
Coverage IPS VCM
Reference/s http://www.microsoft.com/technet/security/advisory/2269637.mspx http://blogs.technet.com/b/srd/

Fortinet