Skip to content

Commit

Permalink
Use absolute path for taskkill in installer
Browse files Browse the repository at this point in the history
  • Loading branch information
dlon committed Nov 22, 2024
1 parent f629200 commit 8d3ea96
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 3 deletions.
2 changes: 2 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,8 @@ Line wrap the file at 100 chars. Th
(WFP) filters normally do not apply for VMs. This mitigates the issue by ensuring that it does not
leak (as easily) when the VPN tunnel is up. Previously, WSL would leak while in the blocked or
connecting state, or while lockdown mode was active.
- Fix issue where the installer would allow any executable named `taskkill.exe` in the working
directory to run as admin. This fixes audit issue `MLLVD-CR-24-06`.

#### Linux
- Prevent attackers able to send ARP requests to the device running Mullvad from figuring out
Expand Down
6 changes: 3 additions & 3 deletions dist-assets/windows/installer.nsh
Original file line number Diff line number Diff line change
Expand Up @@ -767,7 +767,7 @@
${EndIf}

# Killing without /f will likely cause the daemon to disconnect.
nsExec::Exec `taskkill /f /t /im "${APP_EXECUTABLE_FILENAME}"` $R0
nsExec::Exec `"$SYSDIR\taskkill.exe" /f /t /im "${APP_EXECUTABLE_FILENAME}"` $R0
Sleep 500

customCheckAppRunning_skip_kill:
Expand Down Expand Up @@ -1067,9 +1067,9 @@

Pop $FullUninstall

nsExec::Exec `taskkill /t /im "${APP_EXECUTABLE_FILENAME}"` $0
nsExec::Exec `"$SYSDIR\taskkill.exe" /t /im "${APP_EXECUTABLE_FILENAME}"` $0
Sleep 500
nsExec::Exec `taskkill /f /t /im "${APP_EXECUTABLE_FILENAME}"` $0
nsExec::Exec `"$SYSDIR\taskkill.exe" /f /t /im "${APP_EXECUTABLE_FILENAME}"` $0

${If} $FullUninstall == 0
# Save the target tunnel state if we're upgrading
Expand Down

0 comments on commit 8d3ea96

Please sign in to comment.