CVE-2018-3974
GOG Galaxy 1.2.45.61 on Windows is affected by a local privilege escalation due to insecure file permissions in the install directory. An attacker can overwrite GalaxyClientService.exe, which runs as LocalSystem, enabling arbitrary code execution with system privileges at boot. Root cause: overly...