For what it's worth (to your research) there are also hybrids; ie, a normal executable can be executed from a dll perspective, as the other way round; they're the same format. Executables simply have a specific "standard" entry point. Thought I'd remind you that this "vuln" might exist in less known places; who knows, even perhaps kernel drivers. Cheers, Chris. On Thu, Sep 9, 2010 at 2:04 AM, ACROS Security Lists <lists@xxxxxxxx> wrote: > > For everyone interested in binary planting vulnerabilities, here's some new > information on the EXE vector from our research. > > http://blog.acrossecurity.com/2010/09/binary-planting-goes-exe.html > > Pleasant reading, > > Mitja Kolsek > CEO&CTO > > ACROS, d.o.o. > Makedonska ulica 113 > SI - 2000 Maribor, Slovenia > tel: +386 2 3000 280 > fax: +386 2 3000 282 > web: http://www.acrossecurity.com > > ACROS Security: Finding Your Digital Vulnerabilities Before Others Do > > >
