Are all side-loading DLL rules still valid?

[Yelodress]

Hi !
There's one point I'm not sure I understand. On rules like this one, for DLL side-loading, it says that applications can load potentially rogue DLLs. I guess they don't check the exact paths or something. However, don't developers make updates to patch this? Do ALL rules that are not yet labeled as “Obsolete” mean that attacks are still feasible on an up-to-date system?

Regards,
Yelodress

[nasbench]

Most DLL sideloading is not considered in scope of vulnerabilities, hence some never get fixed or take public abuse to get fixed. The rules are all still valid though, because in DLL sideloading an attacker is not linked to the latest version of an app. Most of the time they bring their own binary in order to sideload the malicious DLL. So all DLL sideloading is and will be valid "forever"

[Yelodress]

Hello, thanks for your reply.
Shouldn't we consider an application that calls a non-existent DLL as a vulnerability ?
And, I understand that DLL sideloading will be valid "forever", but if a developper fix during an update his app, an this app doesn't call this "ghost" DLL anymore, do we still consider the rule as "valid" ?