Microsoft has released a fix-it that allows Windows operating system users to configure a tool that blocks remote attack via the dynamic-link library's vulnerability.

In an advisory issued on Tuesday, Microsoft said the fix-it can only be enabled upon installation of a tool it released last week that allows Windows users to control malicious DLL behaviour. When enabled, the fix-it automatically configures the DLL attack blocker.

However, the advisory cautioned that the blocker protects against DLL preloading only and not against executable files that do not properly load via safe DLL path. Apps that carry such .exe files need to be updated accordingly, said Jerry Bryant, group manager of Microsoft Security Response Center (MSRC) communications, in his blog.

The MSRC engineering team also warned in a blog post that "it is no longer safe to browse to a malicious, untrusted WebDAV server in the Internet Zone and double-click on any type of files." The team said attackers are substituting dangerous file icons with safe and trusted file icons to entice unsuspecting users to double-click a malicious executable.

The blocker will give Microsoft administrators time to update Windows and third-party apps vulnerable to hacking via DLL. It will also give administrators time to add the blocker tool to the Windows Update catalogue so that Windows Server Update Services users can easily deploy it.

Meanwhile, the U.S. Computer Emergency Response Team gave workaround tips pending fixes on affected software by vendors. These include disabling the loading libraries from WebDAV and remote network shares, disabling of the WebClient service and the blocking of outgoing Server Message Block traffic.

Other software vulnerable to DLL loan hijacking are Adobe, Apple, Cisco, Citrix, Google, Mozilla and Nokia.