If you think the chances of a naughty DLL file finding its way onto your machine are pretty slim, think again. According to analysts quoted in the article, "[t]here are several previous security vulnerabilities that allow a malicious user to download a file to a victim's computer. . . ." The DLL code could even be accessed over the Internet in some cases.
I'm sure that Microsoft is just thrilled with Georgi Guninski, the guy who found the bug. Last month, he found two other bugs in Microsoft products, including Excel, Powerpoint and Outlook. This guy is just an exploit-finding machine.