Our advanced binary planting research goes on... and it's time to reveal some interesting hacks, for instance how to exploit binary planting (or DLL hijacking, if you prefer the less suitable term) to execute remote malicious code through Internet Explorer 9 in protected mode on Windows 7 - without issuing any security warnings. Or how to do the same in Internet Explorer 8 on Windows XP, only even more stealthy. The crux is described in our blog post: http://blog.acrossecurity.com/2011/05/silently-pwning-protected-mode-ie9-and.html or http://bit.ly/im6LcD, while the final missing link to the exploit will be revealed at the Hack in the box conference in Amsterdam on May 19 (http://conference.hackinthebox.org/hitbsecconf2011ams/?page_id=1399), and shortly thereafter to the rest of the world. Our Guidelines for developers have already been updated for those who hate seeing binary planting, DLL hijacking, DLL preloading or insecure library loading in their software creations: http://www.binaryplanting.com/guidelinesDevelopers.htm Best regards, Mitja Kolsek CEO&CTO ACROS, d.o.o. Makedonska ulica 113 SI - 2000 Maribor, Slovenia tel: +386 2 3000 280 fax: +386 2 3000 282 web: http://www.acrossecurity.com ACROS Security: Finding Your Digital Vulnerabilities Before Others Do
