boopathi
Level 2

DLL hijacking vulnerability issue in InstallShield 2015 SP2

Hi,

We are using InstallShield 2015 Professional Edition with Service Pack 2 for packaging our products. Recently we noticed a DLL hijacking vulnerability in our setup file on a Win7 SP1 32 system.

Environment: System win7 sp1 32

Scenario: A malicious ntmarta.dll and our product_setup.exe are placed in the same directory. Double-click to run the installer. This triggers the DLL hijacking vulnerability and executes the malicious DLL, and a "dll hijack!" dialog box pops up.

Questions:

  1. Is there any specific hotfix for the issue? I have tried this hotfix “InstallShield 2015 SP2 Hotfix IOJ-1829226 may be downloaded here” from this link. It doesn’t help us.
  2. Is this issue addressed in newer version? If yes, from which version onwards? 

Please provide your suggestions on this.  Thanks.

 

0 Kudos
(1) Reply
banna_k
Revenera

Hi @boopathi ,

Yes, you are correct. InstallShield 2015 SP2 Hotfix IOJ-1829226 is for the DLL hijacking vulnerability with InstallShield 2015 SP2 built setups. This hotfix is built on top of the Microsoft hotfix for the DLL hijacking vulnerability.

In order for this hotfix to work effectively on older versions of Windows, the Microsoft hotfix must be installed. So, please check whether your machine is up to date with the latest hotfix available.

You can find more information on the Microsoft hotfix below:

https://support.microsoft.com/en-us/help/2533623/microsoft-security-advisory-insecure-library-loading-could-allow-remot

0 Kudos
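
One way to carry out the check suggested in the reply, as an added example that is not part of the original thread and is not Revenera or Microsoft code. It assumes the 32-bit Windows 7 SP1 machine from the question and PowerShell 2.0 or later; the function names `Test-SafeDllSearchApi` and `Find-ShadowingDll` are hypothetical.

```powershell
# Added example. Run on the machine where the installer will be launched.
# P/Invoke wrappers for two documented kernel32 functions.
Add-Type -Namespace Win32 -Name Native -MemberDefinition @'
[DllImport("kernel32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
public static extern IntPtr GetModuleHandle(string lpModuleName);
[DllImport("kernel32.dll", CharSet = CharSet.Ansi, ExactSpelling = true, SetLastError = true)]
public static extern IntPtr GetProcAddress(IntPtr hModule, string lpProcName);
'@

function Test-SafeDllSearchApi {
    # The Microsoft update KB2533623 adds SetDefaultDllDirectories and
    # AddDllDirectory to kernel32. Probing the exports also gives the right
    # answer when the KB was superseded by a later rollup and is no longer
    # listed by Get-HotFix.
    $k32 = [Win32.Native]::GetModuleHandle('kernel32.dll')
    foreach ($name in 'SetDefaultDllDirectories', 'AddDllDirectory') {
        if ([Win32.Native]::GetProcAddress($k32, $name) -eq [IntPtr]::Zero) {
            return $false
        }
    }
    return $true
}

function Find-ShadowingDll {
    # Lists DLLs lying next to the installer whose file name also exists in
    # System32 (the ntmarta.dll situation from the question), together with
    # their Authenticode status, so they can be reviewed before the setup runs.
    param([Parameter(Mandatory = $true)][string]$InstallerPath)
    $dir = Split-Path -Parent (Resolve-Path -LiteralPath $InstallerPath).ProviderPath
    $sys = Join-Path $env:windir 'System32'   # assumption: 32-bit OS as in the post
    Get-ChildItem -Path (Join-Path $dir '*.dll') |
        Where-Object { -not $_.PSIsContainer -and (Test-Path (Join-Path $sys $_.Name)) } |
        ForEach-Object {
            New-Object PSObject -Property @{
                Dll       = $_.FullName
                Signature = (Get-AuthenticodeSignature -FilePath $_.FullName).Status
            }
        }
}

"Safe DLL search API present: $(Test-SafeDllSearchApi)"
# product_setup.exe is the installer name used in the question.
if (Test-Path '.\product_setup.exe') {
    Find-ShadowingDll -InstallerPath '.\product_setup.exe'
}
```

A result of `False` from `Test-SafeDllSearchApi` means the Microsoft update is missing on that machine, which is the precondition the reply asks to verify.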