Vszakats

**Name of the Vulnerable Software and Affected Versions** Expat versions 2.2.1 through 2.2.2 **Description** The issue allows local users to gain privileges via a Trojan horse ADVAPI32.DLL in the current working directory because of an untrusted search path. This is due to the `writeRandomBytes RtlGenRandom` function in xmlparse.c. **Recommendations** For Expat versions 2.2.1 and 2.2.2, consider restricting access to the `writeRandomBytes RtlGenRandom` function in xmlparse.c until a patch is available. Avoid using untrusted search paths to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.