PT-2020-8061 · Idm+1 · Idm Ultraedit+1

Published: 2020-03-02 · Updated: 2020-03-03 · CVE-2017-12580

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: IDM UltraEdit versions 24.10.0.32 and earlier
Description: An issue was discovered in IDM UltraEdit. To exploit this issue, on unpatched Windows systems, an attacker could include in the same directory as the affected executable a DLL using the name of a Windows DLL, such as ntmarta.dll. When the installer EXE is executed by the user, the DLL located in the EXE's current directory will be loaded instead of the Windows DLL, allowing the attacker to run arbitrary code on the affected system.
Recommendations: For IDM UltraEdit versions 24.10.0.32 and earlier, consider updating to a version that is not affected by this issue. As a temporary workaround, restrict the execution of the installer EXE to a directory where no malicious DLLs can be placed, or avoid using the affected executable until a patch is available.
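
The workaround above only holds if nothing sitting next to the installer shadows a Windows DLL. The following Python check is an added example, not part of the original advisory or any vendor code: it lists DLLs in the installer's directory whose names also exist in the system directory. The installer name `ue_setup.exe` and the sample directories are constructed for the demonstration.

```python
import os
import tempfile
from pathlib import Path


def default_system_dir() -> Path:
    """System32 on the local machine (assumes a standard Windows layout)."""
    return Path(os.environ.get("SystemRoot", r"C:\Windows")) / "System32"


def dll_names(directory: Path) -> dict:
    """Map lower-cased DLL file name -> on-disk name for one directory."""
    return {p.name.lower(): p.name for p in directory.iterdir()
            if p.is_file() and p.suffix.lower() == ".dll"}


def find_shadowing_dlls(installer_path, system_dir=None) -> list:
    """Return DLLs beside the installer that share a name with a system DLL.

    Windows file names are case-insensitive, so names are compared lower-cased.
    """
    installer_dir = Path(installer_path).resolve().parent
    system = dll_names(Path(system_dir) if system_dir else default_system_dir())
    local = dll_names(installer_dir)
    return sorted(name for lower, name in local.items() if lower in system)


def demo(planted=("NTMARTA.DLL",)) -> list:
    """Run the check against constructed directories (no real system files)."""
    with tempfile.TemporaryDirectory() as tmp:
        system, downloads = Path(tmp, "System32"), Path(tmp, "Downloads")
        system.mkdir()
        downloads.mkdir()
        for name in ("ntmarta.dll", "kernel32.dll"):
            (system / name).write_bytes(b"")
        # ue_setup.exe is a placeholder installer name, not from the advisory.
        for name in ("ue_setup.exe", "vendor_plugin.dll", "readme.txt", *planted):
            (downloads / name).write_bytes(b"")
        return find_shadowing_dlls(downloads / "ue_setup.exe", system)


if __name__ == "__main__":
    hits = demo()
    print("DLLs shadowing system libraries:", hits or "none")
```

A non-empty result means the installer should be moved to an empty directory before it is run, and the flagged files reviewed.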

Fix

Untrusted Search Path

Weakness Enumeration

Related Identifiers

CVE-2017-12580

Affected Products

Idm Ultraedit
Windows