STAS is affected by the Microsoft Windows Unquoted Path Vulnerability

I just found out using the OpenVAS scanner that STAS is affected by the Microsoft Windows Unquoted Path Vulnerability Windows. Uninstall registry entries and services using an unquoted path containing at least one whitespace allow a local attacker with low privileges and write permissions to place a malicious executable.

DisplayName|Name|PathName
Sophos Transparent Authentication Suite|STAS|C:\Program Files (x86)\Sophos\Sophos Transparent Authentication Suite\stas.exe

Hopefully this is fixed soon.