Windows libraries are modules that contain functions and data that can
be used by other modules such as Windows applications. Windows
applications typically leverage a large number of these libraries, often
packaged as dynamic-link library (DLL) files, to carry out their
functions. These libraries usually have the file extension DLL or OCX
(for libraries containing ActiveX controls).

DLLs provide a way
to modularize applications so that their functionality can be updated
and reused easily. DLLs also help to reduce memory overhead when
several applications use the same functionality at the same time. These
libraries are used for many common tasks such as HTML parsing, image
format decoding and protocol decoding. Local as well as remotely
accessible applications use these libraries. Thus, a critical
vulnerability in a library usually impacts a range of applications from
Microsoft and third-party vendors that rely on that library. Exploitation
is often possible via multiple attack vectors. For instance, flaws in
image processing libraries can be exploited via Internet
Explorer, Office and image viewers. In most cases, the libraries are
used by all flavors of Windows operating systems, which increases the
number of systems available for attacks.

During the past year, several Windows libraries were reported to have
critical vulnerabilities. In a number of cases, exploit code was
discovered before patches were available (zero-day).
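
Because one library is shared by many applications, the first step after a library advisory is to find out which running processes have it loaded and which on-disk copy each one uses. The PowerShell below is an added example, not part of the original text; the function name `Get-LibraryExposure` and the file name `example.dll` are hypothetical placeholders.

```powershell
# Added example: map a library named in an advisory to the running
# processes that currently have it loaded.
param(
    # Placeholder value; substitute the file name given in the advisory.
    [string]$LibraryName = 'example.dll'
)

function Get-LibraryExposure {
    param([Parameter(Mandatory)][string]$Name)

    foreach ($proc in Get-Process) {
        try {
            # Module enumeration can fail for protected processes or
            # when the session is not elevated; skip those processes.
            $modules = $proc.Modules
        } catch {
            continue
        }
        foreach ($m in $modules) {
            if ($m.ModuleName -ieq $Name) {
                # One row per process/module pair: the path shows whether
                # the system copy or a privately bundled copy is in use,
                # and the version can be compared with the patched one.
                [pscustomobject]@{
                    Process     = $proc.ProcessName
                    Id          = $proc.Id
                    Path        = $m.FileName
                    FileVersion = $m.FileVersionInfo.FileVersion
                }
            }
        }
    }
}

$hits = @(Get-LibraryExposure -Name $LibraryName)

# Per-process detail.
$hits | Sort-Object Path, Process | Format-Table -AutoSize

# Summary: how many processes depend on each copy and version.
$hits | Group-Object Path, FileVersion |
    Select-Object Count, Name |
    Sort-Object Count -Descending |
    Format-Table -AutoSize
```

Only processes that have the library loaded at the time of the run appear in the output, so applications that load it on demand and copies bundled in application directories still need a file-system search.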