CVE-2018-15491

Name of the Vulnerable Software and Affected Versions Zemana Anti-Logger versions prior to 1.9.3.602

Description A flaw in the permission and encryption implementation allows an attacker to control the whitelisting feature, enabling the execution of unauthorized applications, such as keystroke recorders, by modifying the MyRules2.ini file under %LOCALAPPDATA%ZemanaZALSDK.

Recommendations For versions prior to 1.9.3.602, update to version 1.9.3.602 or later to resolve the issue. As a temporary workaround, consider restricting access to the MyRules2.ini file to prevent unauthorized modifications until a patch is applied.