"In this attack, Nvidia's software was abused but it could just as easily have been any of a thousand other developers," he said, pointing out that Microsoft has published advice on how to avoid DLL search path issues that could lead to DLL preloading.
This is not the first time that DLL preloading issues have been exploited by malware. The Stuxnet cybersabotage malware was programmed to drop a copy of itself as a specifically named DLL file in directories containing industrial engineering projects created with the Siemens Step 7 software.
Older versions of the Step 7 software automatically loaded this DLL when opening the infected projects, which allowed the malware to spread to other machines due to project project sharing.
On Tuesday, security researchers from Symantec reported about a malware attack that targeted users in Japan and exploited a DLL preloading vulnerability in Ichitaro, the second-most popular word processor software in Japan after Microsoft Word.