DLL hijacking: 21 years old and still alive
Trustworthy defense in depth: DLL hijacking
Wikipedia on DLL hijacking
Due to a vulnerability commonly known as DLL hijacking, DLL spoofing, DLL preloading or binary planting, many programs will load and execute a malicious DLL contained in the same folder as a data file opened by these programs.[11][12][13][14] The vulnerability was discovered by Georgi Guninski in 2000.[15] In August 2010 it gained worldwide publicity after ACROS Security rediscovered it again and many hundreds of programs were found vulnerable.[16] Programs that are run from unsafe locations, i.e. user-writable folders like the Downloads or the Temp directory, are almost always susceptible to this vulnerability.
Our original advisory is from Mon, 18 Sep 2000
The DLL hijacking vulnerability is CVE-2000-0854.
It has been known since 2000-09-19 that third-party programs are vulnerable too, e.g. Bugtraq: Exploit using Eudora and the Guninski hole
The Nimda worm was released on the same day and used the vulnerabilities in the advisory.
Searching the web returns many results since 2020 and a site Latest DLL Hijack news.
In other news from 2020: Almost 300 Windows 10 executables vulnerable to DLL hijacking
It appears to us that the vulnerability is so hard to fix that it will live forever.
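The Wikipedia description quoted above names two conditions: a DLL loaded from the folder of the opened data file, and a program run from a user-writable folder such as Downloads or Temp. The following detection check is an added example, not part of the original page; it flags module-load records that match either condition. The record fields, the trusted and unsafe directory lists, and the sample events are constructed assumptions.

```python
import ntpath

# Assumed policy lists (illustrative, not exhaustive).
TRUSTED_ROOTS = (r"c:\windows", r"c:\program files", r"c:\program files (x86)")
UNSAFE_MARKERS = ("\\downloads\\", "\\temp\\")

def _norm(path):
    # Windows paths are case-insensitive; ntpath works on any host OS.
    return ntpath.normcase(ntpath.normpath(path))

def _trusted(path):
    p = _norm(path)
    return any(p.startswith(root + "\\") for root in TRUSTED_ROOTS)

def classify(event):
    """Return a reason string if the DLL load looks like a hijack, else None."""
    dll = _norm(event["dll"])
    dll_dir = ntpath.dirname(dll)
    if _trusted(dll):
        return None
    doc = event.get("document")
    if doc and dll_dir == ntpath.dirname(_norm(doc)):
        return "dll-next-to-data-file"
    if any(m in dll_dir + "\\" for m in UNSAFE_MARKERS):
        return "dll-in-user-writable-dir"
    return None

def flag_loads(events):
    return [(e["dll"], r) for e in events if (r := classify(e))]

# Constructed sample records (hypothetical paths and file names).
SAMPLE_EVENTS = [
    {"image": r"C:\Program Files\Editor\editor.exe",
     "document": r"D:\share\report.doc", "dll": r"D:\share\example.dll"},
    {"image": r"C:\Users\bob\Downloads\setup.exe",
     "dll": r"C:\Users\bob\Downloads\example.dll"},
    {"image": r"C:\Windows\notepad.exe",
     "document": r"C:\Users\bob\Downloads\a.txt",
     "dll": r"C:\WINDOWS\System32\comctl32.dll"},
    {"image": r"C:\Program Files\Editor\editor.exe",
     "dll": r"C:\Program Files\Editor\editor.dll"},
]

if __name__ == "__main__":
    for dll, reason in flag_loads(SAMPLE_EVENTS):
        print(f"{reason}: {dll}")
```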