A known security issue (CVE-2016 - 0603) that affects many applications (from web browsers to antivirus products, and a host of others) can be exploited by "teasing" a .dll.
The technique is called DLL side-loading or hijacking and uses DLLs that have the same name as the original in specific locations on the target file system.
This type of attack is very old and allows for violation of legitimate applications by deceiving users. The technique was used too much by software crackers. Let's say, a crack for Adobe Photoshop that has been released for years now is amtlib.dll.
This file is an application file. But crackers can only switch a single byte, and they can activate the program!
Imagine what could happen if a malicious user, instead of changing a byte to activate the program, added their own malicious code to .dll….
Here is a small (probably incomplete) list of applications found vulnerable to this attack: Firefox, Google Chrome, Adobe Reader, 7Zip, WinRAR, OpenOffice, VLC Media Player, Nmap, Python, TrueCrypt, and Apple's iTunes.
The vulnerabilities in these softwares were discovered by German security researcher Stefan Kanthak.
Mr Kanthak also seems to have paid special attention to anti-virus software installers. Below are some of the security products that are vulnerable to DLL hijacking: ZoneAlarm, Emsisoft Anti-Malware, Trend Micro, ESET NOD32, Avira, Panda Security, McAfee Security, Microsoft Security Essentials, Bitdefender, ScanNowUPnP Rapid7, Kaspersky and F-Secure.
All of the above (and perhaps many others) applications will have to release updates to protect their files from malicious users. Let's see how fast they will respond.
The only company that responded immediately was Oracle fixing the installers of the Java 6, 7, and 8 versions.