Fortunately, this issue is fairly easy to detect, as the ApexOne agent will display a security warning whenever a new DLL file is loaded. Trend Micro recommends updating your vulnerable installations to the latest version as soon as possible. Furthermore, we recommend beefing up your endpoint security software to block DLL file loading as well.
DLL Loading Vulnerability
A recent vulnerability has been discovered that affects the way DLL files are loaded onto Windows systems. CVE-2022-41747 (DLL loading vulnerability) was recently discovered and is a remotely exploitable issue that can allow for code execution on vulnerable installations. The issue affects all Windows systems and can be exploited through both malicious and legitimate applications which load DLL files. In order to fix this issue, Trend Micro recommends updating your vulnerable installations to the latest version as soon as possible. Furthermore, we recommend beefing up your endpoint security software to block DLL file loading as well.
How to check if you’re vulnerable to DLL file loading attack
As a first step, Trend Micro recommends checking if your endpoints are vulnerable to DLL file loading attacks. If you have security software installed on your endpoint, Trend Micro recommends that you check the “Check for DLL Loading” option in your antivirus software. If it is enabled and not disabled, you are likely vulnerable to this attack.
If you are vulnerable to this attack, Trend Micro recommends updating your installations as soon as possible to protect yourself from further damage. Furthermore, Trend Micro also suggests beefing up the endpoint security software so that it will block DLL file loading attacks.
To avoid potential damage without updating systems now, we recommend disabling the "Check for DLL Loading" option in your antivirus software so that no suspicious files will be detected by the antivirus engine when they load.
Checkpoint: What are Other DLL File Vulnerabilities?
DLL file vulnerabilities are not new, but they have been around for a long time and continue to affect many software. This particular issue was first discovered in September of 2017, when the popular monitoring software ApexOne began warning its customers about a DLL file vulnerability. Fortunately, this issue is fairly easy to detect, as the ApexOne agent will display a security warning whenever a new DLL file is loaded. Trend Micro recommends updating your vulnerable installations to the latest version as soon as possible. Furthermore, we recommend beefing up your endpoint security software to block DLL file loading as well.
Install Trend Micro™ Smart Protection for Office 365
Trend Micro Smart Protection for Office 365 has been updated with the latest DLL blacklists, and is available from Trend Micro's website at https://www.trendmicro.com/office-365/products/antimalware .
Timeline
Published on: 10/10/2022 21:15:00 UTC
Last modified on: 10/11/2022 19:33:00 UTC