Nils Dagsson Moskopp

**Name of the Vulnerable Software and Affected Versions** gnome-exe-thumbnailer versions prior to 0.9.5 **Description** The issue is related to a VBScript Injection when generating thumbnails for MSI files. This can lead to a local attack if the victim uses the GNOME Files file manager and navigates to a directory containing a .msi file with VBScript code in its filename. **Recommendations** For versions prior to 0.9.5, update to version 0.9.5 or later to resolve the issue. As a temporary workaround, consider avoiding the use of gnome-exe-thumbnailer for .msi files until a patch is applied. Restrict access to directories containing potentially malicious .msi files to minimize the risk of exploitation.