Hello all.
We were able to hijack a EXE installer created with Advanced Installer 16.2 on Windows 7 Service Pack 1 (32bit) when users computer does not have newest windows security updates installed, let's say that user does not update it's computer. (KB3147071 security update fixes this issue).
We received a security incident because of this that we need to resolve as soon as possible.
We could install that windows security update as prerequisite, but dll hijacking occurs before prerequisite install.
The question is can we configure our Advanced installer to search for dll files only from windows directories? Or maybe any other ideas to prevent hjacking ?
Thanks for answers.