Windows No Bugs

**Name of the Vulnerable Software and Affected Versions** 360 Total Security versions 12.1.0.1004 and below **Description** A local privilege escalation issue exists when TPI calls the browser process, allowing an attacker to execute arbitrary code on the local system through DLL hijacking. **Recommendations** For versions 12.1.0.1004 and below, consider restricting access to the TPI component to minimize the risk of exploitation until a patch is available.

**Name of the Vulnerable Software and Affected Versions** 360 Total Security versions 12.1.0.1004 and below **Description** A local privilege escalation issue exists when the main process of 360 Total Security calls GameChrome.exe, allowing an attacker to execute arbitrary code on the local system through DLL hijacking. **Recommendations** For versions 12.1.0.1004 and below, as a temporary workaround, consider restricting access to GameChrome.exe until a patch is available.

**Name of the Vulnerable Software and Affected Versions** 360 Total Security versions 12.1.0.1005 and below **Description** A local privilege escalation issue exists when the Gamefolde calls GameChrome.exe, allowing an attacker to exploit DLL hijacking and bypass hips, potentially executing arbitrary code on the local system. **Recommendations** For versions 12.1.0.1005 and below, update to a version above 12.1.0.1005 to resolve the issue. As a temporary workaround, consider restricting access to the GameChrome.exe executable to minimize the risk of exploitation.