Mitigate Against DLL Pre-Loading

When an application loads a shared library such as kvhtml.dll or kvhtml.so, the Operating System or runtime linker might search several locations. This search can allow DLL pre-loading attacks if an attacker is able to place a malicious binary in one of the locations searched. It might also lead to unexpected results if a different version of KeyView is present in one of the locations searched.

On Windows, when you load kvhtml.dll with LoadLibrary, OpenText recommends that you use a fully qualified path to prevent Windows searching for the library in other locations.

On other platforms, when you load kvhtml.so with dlopen, OpenText recommends that you use an absolute path to prevent the OS or runtime linker searching for the library in other locations.