CISA has published an advisory on an untrusted search path vulnerability in Flexera InstallShield. Versions through 2015 SP1 are affected. CISA’s advisory also notes that Flexera InstallShield is integrated into many products sold by other companies. Successful exploitation of this vulnerability could allow execution of a malicious DLL. It is recommended that users contact the product’s vendor support team for guidance on any mitigations and workarounds regarding Flexera InstallShield issues in relation to that product. CISA also advised on a series of measures to mitigate the vulnerability. Read the advisory at CISA.