Untrusted search path vulnerability in the installer of Visual C++ Redistributable allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
https://blogs.technet.microsoft.com/srd/2018/04/04/triaging-a-dll-planting-vulnerability/