Installation folder allows User group to create files, making it possible to spoof system DLLs with local ones.
vulners.com/securityvulns/securityvulns:doc:15092