Hi Support,
Our application has recently conducted a series of penetration testing and has failed on one of the test item - DLL hijacking.
By placing a forged DLL (named msimg32.dll and it's written to launch calculator) with our application exe in the same folder and execute our software for installation will also trigger it to run the calculator.
My question is how do I prevent this from happening?
Below's the download URL for the test files please run our installer you will see the calculator is also launching.
https://www.dropbox.com/s/zx5kl09iu2n656e/zen.zip?dl=0
Andy