Disclosure of DLL-Hijacking-Vulnerability-in-Technitium-Installer-v4.4

Read Time:23 Second

Posted by YEUNG, Tsz Ko on Feb 24

Hi all,

I would like to disclose
the DLL-Hijacking-Vulnerability-in-Technitium-Installer-v4.4

Details as below:

Vulnerable Software and Version:

1. Technitium Installer v4.4

Vulnerable software download link:
https://technitium.com/tmac/

Date discovered and reported:
25 Feb 2022

Description:
Technitium Installer v4.4 is suffering from DLL Hijacking by placing x86
SXS.dll in the same directory as the installer , which could cause…

USN-7179-1: Linux kernel vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote...

December 20, 2024

USN-7173-2: Linux kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to...

December 20, 2024

swiftlint-0.57.1-1.fc42

FEDORA-2024-87d30b4fbf Packages in this update: swiftlint-0.57.1-1.fc42 Update description: Automatic update for swiftlint-0.57.1-1.fc42. Changelog * Fri Dec 20 2024 Davide Cavalca...

December 20, 2024

USN-7166-3: Linux kernel (HWE) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

December 20, 2024

USN-7159-4: Linux kernel (IoT) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

December 20, 2024

chromium-131.0.6778.204-1.el10_0

FEDORA-EPEL-2024-b98ed0b39c Packages in this update: chromium-131.0.6778.204-1.el10_0 Update description: Update to 131.0.6778.204 High CVE-2024-12692: Type Confusion in V8 High CVE-2024-12693: Out...

December 20, 2024

Friday Squid Blogging: Squid Sticker

Italy’s Data Protection Watchdog Issues €15m Fine to OpenAI Over ChatGPT Probe

Ukraine’s Security Service Probes GRU-Linked Cyber-Attack on State Registers

LockBit Admins Tease a New Ransomware Version

Webcams and DVRs Vulnerable to HiatusRAT, FBI Warns

CISA Urges Encrypted Messaging After Salt Typhoon Hack

Ransomware Attackers Target Industries with Low Downtime Tolerance

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

US Organizations Still Using Kaspersky Products Despite Ban

Disclosure of DLL-Hijacking-Vulnerability-in-Technitium-Installer-v4.4

USN-7179-1: Linux kernel vulnerabilities

USN-7173-2: Linux kernel vulnerabilities

swiftlint-0.57.1-1.fc42

USN-7166-3: Linux kernel (HWE) vulnerabilities

USN-7159-4: Linux kernel (IoT) vulnerabilities

chromium-131.0.6778.204-1.el10_0