8 of the vulnerabilities were rated "critical," meaning the bugs could be used to hijack a system. After the critical ones there were two "high," one "moderate" and finally a single "low."
PCAdvisor explains that the 'binary planting' vulnerability has also been called 'DLL load hijacking'.
Says the site: "Regardless of the term, the flaw existed in Windows applications that do not call DLLs (dynamic linked libraries) or executable files using a full path name. Instead, they rely on the filename alone. The latter can be exploited by attackers, who can trick the program into loading a malicious file with the same title as a required DLL or executable. If attackers can con users into visiting malicious websites or remote shared folders, or get them to plug in a USB drive, they can compromise a computer and infect it with malware."
Mozilla also recommends updating to the latest version of the browser if you have not already.
Written by: Andre Yoskowitz @ 21 Oct 2010 0:10
