How to implicitly load only signed DLL s

Question

I have an application which is linked with set of dll files. I am loading the DLL s implicitly without going through insecure LoadLibrary() calls. I am thinking of signing t

Answer 1

You should add a manifest dependency using the MANIFESTDEPENDENCY linker option and set publicKeyToken to the key used to sign the dlls.

E.g. something like:

/manifestdependancy:type='win32' name='mydll' language='*' publicKeyToken='1234567890ABCDEF0'

Windows will then refuse to load your application unless the dll matching the above conditions is present.