Does it need Administrator privileges to run? If so it's not really a security hole since by the act of giving it enough permissions to run you could have done it yourself (in a way).

It's like the "I'm logging in as root and can change other people's files." sort of security 'flaw'.