[FD] Castel NextGen DVR multiple CVEs

2020-06-05 Thread Aaron Bishop
All issues are associated with Castel NextGen DVR v1.0.0 and have been resolved in v1.0.1. --- CVE-2020-11679 Original Disclosure

[FD] Defense in depth -- the Microsoft way (part 68): qUACkery is futile!

2020-06-05 Thread Stefan Kanthak
Hi @ll, the help text displayed by the command line "%COMSPEC% /?" as well as the documentation of Windows' command processor CMD.EXE both state: | * Executing registry subkeys | | If you do not specify /d in String, Cmd.exe looks for

[FD] Defense in depth -- the Microsoft way (part 69): security remarks are as futile as the qUACkery!

2020-06-05 Thread Stefan Kanthak
Hi @ll, the MSDN article "Security Considerations: Microsoft Windows Shell" has provided for MANY years the following advice for calls of ShellExecute(): | Make sure you provide an