DLL hijacking is a vulnerability that allows malicious code to be executed by tricking an application into loading a compromised DLL file. When a Windows program loads additional code stored in DLL files, it searches in the current directory before system folders, allowing a Trojan DLL to be executed if it is placed in the same directory as a file the user opens. While first reported in 2000, DLL hijacking recently saw widespread exploitation by abusing the DLL search order to take control of programs opened from remote shares or drives. Microsoft has provided some mitigations but no full fix, while new registry keys can safeguard individual applications.