Google · Go · CVE-2016-3958
**Name of the Vulnerable Software and Affected Versions**
Go versions prior to 1.5.4
Go versions 1.6.x prior to 1.6.1
**Description**
The issue is related to an untrusted search path vulnerability, allowing local users to gain privileges via a malicious DLL in the current working directory. This is due to the use of the LoadLibrary function on Windows.
**Recommendations**
For Go versions prior to 1.5.4, update to version 1.5.4 or later.
For Go versions 1.6.x prior to 1.6.1, update to version 1.6.1 or later.