Forget downloading files to the startup directory, it looks like
Macrovision still hasn't fixed the DownloadAndExecute() method of
isusweb.dll. I believe that this issue is similar to this one:
http://www.securityfocus.com/bid/26280(maybe someone from iDefense
could confirm that?), just that th
Last line got cut off, it should read:
I understand that some of this functionality is by design, however,
there should be some validation in place to verify that the files
that are being downloaded are indeed from a trusted source and are
updates to packages that are actually installed on the sys
Who:
Macrovision
What:
Macrovision FlexNext Connect is a software package that allows
ISV's to update their software products. It is generally used in
conjunction with the InstallShield software deploymnet framework.
FlexNet uses a number of ActiveX controls, some of which are marked
safe for