CVE-2017-6466
CVE-2017-6466 affects F-Secure Software Updater 2.20 (as distributed in several F-Secure products). The issue: updates are downloaded over plain HTTP and lack post-download integrity validation, enabling MITM attackers to replace the downloaded file; the executable could run under the SYSTEM acco...