The NCCIC has released an advisory on an uncontrolled search path element vulnerability in Fuji Electric Energy Savings Estimator. Versions 1.0.2.0 and prior are affected. Successful exploitation of this vulnerability may allow an attacker to load a malicious DLL and execute code on the affected system with the same privileges as the application that loaded the malicious DLL. Fuji Electric has released Version V.1.0.2.1 of the software. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.