Mozilla on Tuesday patched 12 vulnerabilities in Firefox, including a second patch for a "binary planting" problem in Windows that researchers publicized last year.
Two-thirds of the vulnerabilities patched Tuesday were rated "critical," the threat ranking that represents bugs hackers could use to hijack a system or infect it with malware. Of the remaining vulnerabilities, two were labeled "high" and one each was judged "moderate" and "low."
Among the flaws was Firefox's second "binary planting" vulnerability. Some have dubbed the problem "DLL load hijacking."
Regardless of the term, the flaw existed in Windows applications that do not call DLLs (dynamic linked libraries) or executable files using a full path name. Instead, they rely on the filename alone.
More: http://www.computerworld.com/s/article/9191958/
Two-thirds of the vulnerabilities patched Tuesday were rated "critical," the threat ranking that represents bugs hackers could use to hijack a system or infect it with malware. Of the remaining vulnerabilities, two were labeled "high" and one each was judged "moderate" and "low."
Among the flaws was Firefox's second "binary planting" vulnerability. Some have dubbed the problem "DLL load hijacking."
Regardless of the term, the flaw existed in Windows applications that do not call DLLs (dynamic linked libraries) or executable files using a full path name. Instead, they rely on the filename alone.
More: http://www.computerworld.com/s/article/9191958/