Here, let me bring you up to date:
That one’s only two years old.
If the user isn't an Administrator, there isn't any remote rooting.
But that's true of any executable that a user downloads and runs within their user space - the executable can f*** with that user's files, but it can't touch the rest of the system.