The host is installed with PGP Desktop 10.0.x through 10.2.x and Symantec Encryption Desktop 10.3.0 before MP3 and is prone to unquoted windows search path vulnerability. A flaw is present in the applications, which fail to handle a Trojan horse application in the %SYSTEMDRIVE% top-level directory. Successful exploitation allows remote attackers to gain privileges.