Mozilla has joined Apple in being among the first to fix the DLL load hijacking attack vector that continues to haunt hundreds of Windows applications. The open-source group released Firefox 3.6.9 with patches for a total of 15 vulnerabilities (11 rated critical) The majority of the 15 vulnerabilities in this Firefox patch batch could be exploited to launch drive-by download attacks from booby-trapped Web sites. Mozilla said Google researcher Michal Zalewski s recent contributions helped to identify this architectural weakness.
Source: https://threatpost.com/mozilla-patches-firefox-dll-load-hijacking-bug-090810/74439/

