[May 6, 2011 update: we published a proof of concept for this vulnerability.] Last week at the Hack In The Box conference in Amsterdam we presented some techniques for advanced exploitation of binary planting bugs. The stage was set by our previous blog post where we described how unsafely registered COM server DLLs, as well as safely registered COM server DLLs that make unsafe binary loading call
![The Anatomy of COM Server-Based Binary Planting Exploits](https://cdn-ak-scissors.b.st-hatena.com/image/square/e6c53fab12fb1030352a7e456eabce75f323032e/height=288;version=1;width=512/https%3A%2F%2Fblogger.googleusercontent.com%2Fimg%2Fb%2FR29vZ2xl%2FAVvXsEggEE31eWpNsSpo6sfFDYLuolIDAJFEoDlXpZjrdxxD2zQ_EnEquue5MXINRSUiYCr2eRTcDsbdIQDeESpGNbaphyphenhyphen96c0iil4yjDIFkWXe2YkDNLJocTFCb7JiBw_H1vmmxOVyUGDxowrY%2Fw1200-h630-p-k-no-nu%2FXP_IE8_binary_planting.png)