I am submitting the attached patch.

The reason for this patch is to limit the search for dlls loaded at 

runtime to the win32 system directory and/or the emacs application

directory.

In the current state, dlls can be picked up in any directory in the path.

Some one could fake one of these dlls (xpm, png, etc.) and use it for

mean reasons.  

It is not bullet proof, but it levels up security and 

many other projects have applied such a restriction.

Best regards,

Fabrice