Every now and then security advisories are published, warning about the risks of DLL injection.
Is there a general way to protect against DLL hijacking? I'm not familiar with the topic but requesting an absolute filename instead of a relative should be enough to protect against malicious DLLs in the working directory, shouldn't it?
If one can overwrite the DLL in my installation directory, one could also overwrite my executable thus a signature check seams useless.
DLL hijacking can be achieved for apps that request an DLL without using an absolute path. This triggers a search process and by placing the compromised DLL higher in the search patch that the real version, it is possible to have execute malicious code. However, your installation directory should be first in the search path, so it does not seem to be applicable in your case. Nevertheless you should be careful when passing sensitive data to your DLL, for example passwords and usernames.