Experts Exchange > Posts > How to avoid dll-Hijack issue ? We have a normal C++ MFC…
How to avoid dll-Hijack issue ?
We have a normal C++ MFC application but we kept a .dll file in the same path where our application resides. When we start the application the dll file present in the current directory also loaded and fall in an infinite loop and our real application is non-responsive because the name of the dll is one of the System module dll that is loaded by the framework from the system path.
The reason is it look in the currentdir instead of the system path on Priprity of Dll search.
How we can avoid this dll hijack issue in Windows ?
Means how to avoid the search of dll from current directory rather look at system path at first priority
I think this probably can be can acchieved by registering the DLL as a 'Known DLL' - I didn't use it myself before, but from some comments I found I think this is what you need:
"KnownDLL’s is a mechanism in Windows NT (and win9x) that allows the system to “cache” commonly used system DLLs. It was originally added to improve application load time, but it also can be considered a security mechanism, since it prevents people from exploiting weak application directory permissions by dropping in Trojan horse versions of system DLLs" - see https://blogs.msdn.microsoft.com/larryosterman/2004/07/19/what-are-known-dlls-anyway/
So this year I decided it was really about time I applied for the
@vExpert subprograms, and guess what! I'm in! So Thanks to our Programme Manager @vCommunityGuy and Sub Programme Business Units!