> All of these attack vectors can be pulled against a statically-linked program too
Yeah, but then the attacker would have to pull them against a bazillion apps, in stead of just infecting a bunch of more or less generic DLLs and then just replace all copies of those wherever he finds them.
Which is why I said, "the privileges they require also allow for more effective attacks". If you can scan my system and replace popular DLLs in every application that bundles them, you may as well drop a new Windows service running your malware. Or two, and make them restart each other. Or make your malware a COM component and get the system to run it for you - my task manager will then just show another "svchost.exe" process, and I'll likely never notice it.
Yeah, but then the attacker would have to pull them against a bazillion apps, in stead of just infecting a bunch of more or less generic DLLs and then just replace all copies of those wherever he finds them.