The problem is called DLL hijacking (or DLL side-loading) [CVE-2016-0603] and refers to the fact that malware authors can place DLLs of the same name in specific locations on the target's filesystem and have it inadvertently load the malicious DLL instead of the safe one...
Here's a short (probably incomplete) list of applications that he found vulnerable to this attack: Firefox, Google Chrome, Adobe Reader, 7Zip, WinRAR, OpenOffice, VLC Media Player, Nmap, Python, TrueCrypt, and Apple iTunes.
============================================
Remark: Oracle just released new Java installers to fix this security issue. Seehttp://en.community.dell.com/support-forums/virus-spyware/f/3522/t/19674606
============================================
(With acknowledgment to Minimalist for posting at Wilders)
