Mitigate Against DLL Pre-Loading
When an application loads a shared library such as kvfilter.dll or kvfilter.so
Mitigation on Windows
On Windows, you can use the kvfilter import library, or manually load kvfilter.dll with LoadLibrary. If you use the import library, you can mitigate against DLL pre-loading attacks by embedding a manifest in your executable so that Windows only searches for kvfilter.dll in its expected location. For example:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
<file name="kvfilter.dll" />
</assembly>
If you load kvfilter.dll with LoadLibrary, you must use a fully qualified path to prevent Windows searching for the library in other locations.
Mitigation on Other Platforms
On other platforms, you can link against kvfilter.so while building your application, or manually load it with dlopen. In either case, OpenText recommends that you use an absolute path to kvfilter.so to prevent the OS or runtime linker searching for the library in other locations.