ATT&CK v19 will be released April 28th! Check out this blog post for information on the planned deprecation of Enterprise's Defense Evasion tactic in the upcoming release.

Restrict Library Loading

Prevent abuse of library loading mechanisms in the operating system and software to load untrusted code by configuring appropriate library loading mechanisms and investigating potential vulnerable software.

ID: M0944

Security Controls: IEC 62443-3-3:2013 - SR 7.7, IEC 62443-4-2:2019 - CR 7.7, NIST SP 800-53 Rev. 5 - CM-7

Version: 1.0

Created: 11 June 2019

Last Modified: 16 April 2025

Version Permalink

Live Version

Techniques Addressed by Mitigation

Domain	ID		Name	Use
ICS	T0874		Hooking	Restrict the use of untrusted or unknown libraries, such as remote or unknown DLLs.

Restrict Library Loading

ICS Layer

Techniques Addressed by Mitigation