Reported December 8, 2000 by Bryan Hughes

  • FoolProof Desktop Security

A vulnerability has been identified in FoolProof Desktop Security. It lies in the way the software restricts certain programs: the restriction is keyed on each program's usual executable file name rather than on the program itself.

By default, FoolProof does not prevent the command-line FTP client that ships with Windows 9x from being launched. A malicious user can use it to download copies of other restricted programs, such as copy.exe, that have simply been renamed to something else.

For example, if a malicious user places a renamed copy of xcopy.exe, such as xxx.exe, on an FTP server and retrieves it, FoolProof does not prevent the user from launching the program.
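The following added example (not part of the original advisory, and not FoolProof code) illustrates why a restriction keyed on file name fails against a renamed copy, and how keying the restriction on file content instead does not. The program images are constructed byte strings standing in for real executables; the function and variable names are the example's own.

```python
import hashlib

# Constructed stand-ins for program images. These bytes are invented for the
# example and are not real executables; a real policy engine would read the
# file from disk.
SAMPLE_IMAGES = {
    "xcopy.exe": b"MZ\x90\x00 constructed stand-in for xcopy.exe",
    "notepad.exe": b"MZ\x90\x00 constructed stand-in for notepad.exe",
}

# Names the administrator wants to block (the kind of list the advisory describes).
BLOCKED_NAMES = {"xcopy.exe", "copy.exe", "ftp.exe"}


def sha256_hex(data: bytes) -> str:
    """Content fingerprint of a program image."""
    return hashlib.sha256(data).hexdigest()


# The same block list, but keyed on what the file *is* rather than what it is called.
BLOCKED_HASHES = {sha256_hex(SAMPLE_IMAGES["xcopy.exe"])}


def name_policy_allows(filename: str) -> bool:
    """Name-based restriction: the decision depends only on the file name,
    which the user chooses."""
    return filename.lower() not in BLOCKED_NAMES


def hash_policy_allows(image: bytes) -> bool:
    """Content-based restriction: the decision depends on the file's bytes,
    so renaming the file does not change the outcome."""
    return sha256_hex(image) not in BLOCKED_HASHES


def evaluate(filename: str, image: bytes) -> dict:
    """Run both policies over one candidate file and report each verdict."""
    return {
        "name_policy_allows": name_policy_allows(filename),
        "hash_policy_allows": hash_policy_allows(image),
    }


def demo():
    """Compare the verdicts for the original name and for a renamed copy
    of the same image."""
    xcopy = SAMPLE_IMAGES["xcopy.exe"]
    original = evaluate("xcopy.exe", xcopy)
    renamed = evaluate("xxx.exe", xcopy)  # identical bytes, different name
    return original, renamed


if __name__ == "__main__":
    original, renamed = demo()
    print("xcopy.exe :", original)
    print("xxx.exe   :", renamed)
```

Running it shows the name-based policy blocks `xcopy.exe` but allows the byte-identical `xxx.exe`, while the hash-based policy blocks both. Pinning a policy to content (hashes, or a publisher signature where available) rather than to a user-controlled file name is the general fix; restricting the tools that can fetch new files, as the advisory recommends, is the compensating control when the product cannot be changed.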

The vendor has been contacted, but no response has been received. It is recommended that users reconfigure FoolProof Desktop Security not to allow access to the command prompt. FTP clients should also be restricted.

Discovered by
Bryan Hughes