The Microsoft Vulnerability Research group discovered that insecure load path handling could lead to execution of arbitrary Lua script code.